Quick update

This work (BGPy) has been cited more than 15 times, I don't have the time to update this page just yet, but just know this tool is being used all over the place :)

Onwards

Included here are some use cases for BGPy, i.e. some papers that have been completed or are in progress by other teams by extending BGPy. Please do cite and/or contact if you end up using it, we'd love to hear your use case and add it here! We're also in the process of actively developing BGPy, so any changes you'd like to see please let us know :)

BGPy:

BGPy Description

BGPy is a BGP Python Simulator used to analyze various attack and defense scenarios that includes a custom test suite for BGP diagrams.

BGPy Links

• Github: https://github.com/jfuruness/bgpy_pkg
• Paper: https://dl.acm.org/doi/fullHtml/10.1145/3607505.3607509

BGPy Citation:

@inproceedings{10.1145/3607505.3607509,
author = {Furuness, Justin and Morris, Cameron and Morillo, Reynaldo and Herzberg, Amir and Wang, Bing},
title = {BGPy: The BGP Python Security Simulator},
year = {2023},
isbn = {9798400707889},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
url = {https://doi.org/10.1145/3607505.3607509},
doi = {10.1145/3607505.3607509},
abstract = {The security of Border Gateway Protocol (BGP), and inter-domain routing in general, remains a challenge, in spite of its well-known importance, repeated attacks and incidents, and extensive efforts and research over decades. We present BGPy, an open-source, extensible, robust, easy-to-use and efficient BGP security simulator, to be used for research and education. BGPy allows realistic simulations of a large variety of BGP attacks and defenses. It is provided as a Python package, and can be further customized and extended, e.g., to investigate new attacks and new defense mechanisms. We describe how BGPy is currently used by multiple BGP security projects.},
booktitle = {Proceedings of the 16th Cyber Security Experimentation and Test Workshop},
pages = {41–56},
numpages = {16},
location = {Marina del Rey, CA, USA},
series = {CSET '23}
}

ROV++:

ROV++ Description

ROV++ contains multiple variants that are incremental improvements over ROV

ROV++ Links

• NOTE: This used a very old version of BGPy. Most of the ROV++ policies have since been moved into BGPy
• Github: https://github.com/jfuruness/rovpp
• Paper: https://www.ndss-symposium.org/wp-content/uploads/ndss2021_1A-4_24438_paper.pdf

ROV++ Citation:

@inproceedings{inproceedings,
author = {Morillo, Reynaldo and Furuness, Justin and Herzberg, Amir and Morris, Cameron and Breslin, James},
year = {2020},
month = {12},
pages = {},
title = {ROV++: Improved Deployable Defense against BGP Hijacking},
doi = {10.14722/ndss.2021.24438}
}

BGP-iSec:

BGP-iSec Description

BGP-iSec includes enhancements to BGPSec for defending against path manipulation attacks.

BGP-iSec Links

• NOTE: This used a very old version of BGPy. Most of the BGP-iSec policies have since been moved into BGPy
• Github: https://github.com/c-morris/bgpy_pathsec
• Paper: https://www.researchgate.net/publication/375553362_BGP-iSec_Improved_Security_of_Internet_Routing_Against_Post-ROV_Attacks

BGP-iSec Citation:

@inproceedings{ndss2024:241035,
author = {Cameron Morris and Amir Herzberg and Bing Wang and Samuel Secondo},
title = {{BGP}-i{S}ec: {I}mproved {S}ecurity of {I}nternet {R}outing against {P}ost-{ROV} {A}ttacks},
booktitle = {Proceedings of the 2024 Network and Distributed System Security ({NDSS}) Symposium},
year = {2024},
isbn = {1-891562-93-2},
doi = {10.14722/ndss.2024.241035}
}

ASPA evaluation:

ASPA Evaluation Description

Evaluating ASPA, post-ROV defenses, and post-ROV attacks, including the novel first-ASN Stripping Hijack

ASPA Evaluation Links

• Github: https://github.com/jfuruness/aspa_eval/
• Paper: https://www.ndss-symposium.org/ndss-paper/securing-bgp-asap-aspa-and-other-post-rov-defenses/

ASPA Evaluation Citation:

@inproceedings{inproceedings,
author = {Furuness, Justin and Morris, Cameron and Wang, Bing and Morillo, Reynaldo and Herzberg, Amir and Kasiliya, Arvind},
year = {2025},
month = {01},
pages = {},
title = {Securing BGP ASAP: ASPA and other Post-ROV Defenses},
doi = {10.14722/ndss.2025.240675}
}

Suppressing BGP Zombies with Route Status Transparency:

Accepted to NDSI 2025

Suppressing BGP Zombies with Route Status Transparency:

RoST Evaluation Description

In essence, preventing withdrawal suppression attacks/misconfigurations through a trusted repository

RoST Evaluation Links

• Github: https://github.com/jfuruness/rost_eval/
• Paper: https://www.usenix.org/conference/nsdi25/presentation/anahory

Suppressing BGP Zombies with Route Status Transparency Citation

@inproceedings {305999,
author = {Yosef Edery Anahory and Jie Kong and Nicholas Scaglione and Justin Furuness and Hemi Leibowitz and Amir Herzberg and Bing Wang and Yossi Gilad},
title = {Suppressing {BGP} Zombies with Route Status Transparency},
booktitle = {22nd USENIX Symposium on Networked Systems Design and Implementation (NSDI 25)},
year = {2025},
isbn = {978-1-939133-46-5},
address = {Philadelphia, PA},
pages = {1349--1366},
url = {https://www.usenix.org/conference/nsdi25/presentation/anahory},
publisher = {USENIX Association},
month = apr
}

Ain’t How You Deploy: An Analysis of BGP Security Policies Performance Against Various Attack Scenarios with Differing Deployment Strategies:

Ain't How You Deploy Description

An Analysis of BGP Security Policies Performance Against Various Attack Scenarios with Differing Deployment Strategies

Ain't How You Deploy Links

• Github: https://github.com/sethbarrett50/BGPy_Analysis/tree/main
• Paper: Accepted, but conference has not occurred yet

Ain't How You Deploy Citation:

@INPROCEEDINGS{10758948,
  author={Barrett, Seth and Idom, Calvin and Villafuerte, German Zavala and Byers, Andrew and Gulmezoglu, Berk},
  booktitle={2024 International Symposium on Networks, Computers and Communications (ISNCC)}, 
  title={Ain't How You Deploy: An Analysis of BGP Security Policies Performance Against Various Attack Scenarios with Differing Deployment Strategies1}, 
  year={2024},
  volume={},
  number={},
  pages={1-8},
  keywords={Computers;Authorization;Autonomous systems;Current measurement;Border Gateway Protocol;Security;Protection;BGP;Security;Simulation;Defensive Strategies},
  doi={10.1109/ISNCC62547.2024.10758948}}

Advanced Prefix Interception Attacks:

Advanced Prefix Interception Attacks Description

(in progress)

Advanced Prefix Interception Attacks Links

• Github: (not yet public)
• Paper: (in progress)

Advanced Prefix Interception Attacks Citation:

(in progress)

ASPA++:

ASPA++ Description

(in progress)

ASPA++ Links

• Github: (not yet public)
• Paper: (in progress)

ASPA++ Citation:

(in progress)

SAV:

SAV Description

(in progress)

SAV Links

• Github: (not yet public)
• Paper: (in progress)

SAV Citation:

(in progress)

Extrapolator:

Extrapolator Description

(in progress)

Extrapolator Links

• Github: (not yet public)
• PyPi: (not yet public)
• Paper: (in progress)
• Unofficial paper: (in progress)

Extrapolator Citation:

(in progress)

BGPy Website:

BGPy Website Description

(in progress)

BGPy Website Links

• Paper: (in progress)
• Unofficial paper: (in progress)

BGPy Website Citation:

(in progress)

Rodday's ASPA evaluation:

Rodday's ASPA evaluation

This work cited BGPy, although they didn't end up using it, since BGPy wasn't around when the work had been started, noting that it would potentially be useful for future works. It was recently accepted, but the paper is not yet out.

@inproceedings{inproceedings,
author = {Rodday, Nils and Rodosek, Gabi and Pras, Aiko and Deij, Roland},
year = {2024},
month = {05},
pages = {1-10},
title = {Exploring the Benefit of Path Plausibility Algorithms in BGP},
doi = {10.1109/NOMS59830.2024.10575088}
}```