Computer Laboratory

Dongting Yu

Research

Security of the Internet Infrastructure

I am interested in the security of the Internet infrastructure. In particular, the insecurity of the Border Gateway Protocol (BGP) keeps me awake at night. The problem with a secure BGP is not simply a matter of a good solution. It requires a solution that can be adopted by many and deployed across the Internet. Many factors other than technology are also involved. Economics is one. There are misaligned incentives and some people simply do not see any reason to start using a secure BGP. Luckily, we can learn from other similar situations, such as DNSSEC and IPv6.

In recent months (summer 2012) I have also become interested in OpenFlow security. OpenFlow is a relatively new technology under the umbrella of Software Defined Networks (SDN). The common theme between BGP security and OpenFlow security is that they are both routing related, so a lot of lessons can carry over. OpenFlow (and SDNs in general) are more powerful in that the user can customise more than before, but it cannot happen without a solid secure foundation.

Aggressive Phishing Disruption

In my master's years I worked on an aggressive phishing disruption called Humboldt. The main idea is to submit fake but trackable data into phishing sites while remain indistinguishable from real phished victims. We can later track and identify the phishers with these data.