Nils Rodday M.Sc.

INF 3 Institut für Technische Informatik
Gebäude Carl-Wery-Str. 22, Zimmer 1612
+49 89 6004 7318

Nils Rodday M.Sc.


Research area

My PhD research centers around routing security issues of the Border Gateway Protocol (BGP) and their mitigation. In particular BGP hijacking and path manipulation attacks. We have focused on developing a  methodology to identify RPKI deployment, which provides a source of cryptographically secured ownership information in the inter-domain routing infrastructure. Moreover, we looked at default routing to quantify the error introduced into RPKI measurements and compared existing RPKI validators regarding their performance. Lately, my attention shifted towards path plausibility algorithms that are currently discussed within the IETF, such as ASPA. We currently develop an evaluation testbed based on the NIST SRx framework. Additionally, I am supervising student thesis projects within this domain to extend the support of the NIST SRx framework for other routing daemons.

Conference Papers, Workshops, and Other Activities:

- CNSM, Toronto (2023)
- IETF114, Philadelphia (2022)
- ICUFN, Barcelona (2022)
- TMA, Remote (2021)
- TAURIN, Remote (2021)
- CoNEXT, Barcelona (2020) - Poster
- Guest Lecture on Internet Routing Security @ Blekinge Tekniska Högskola (BTH), Karlskrona/Remote
- NOMS, Budapest/Remote (2020)
- ITNAC, Auckland (2019)
- IMC, Amsterdam (2019)
- RIPE79, Rotterdam (2019)
- ISNCC, Istanbul (2019)
- CoNEXT, Heraklion (2018)
- RTUWO, Riga (2018)
- IETF102, Montréal (2018)
- RSA Conference USA, San Francisco (2016)
- BlackHat Asia, Singapur (2016)
- IEEE Network Operations and Management Symposium, Istanbul (2016)
- EIT Innovation Day 2016, Eindhoven (2016)
- PvIB CISO8, Utrecht (2016)


Rodday, N., Cunha, I., Bush, R., Katz-Bassett, E., Rodosek, G.D., Schmidt, T.C. and Wählisch, M., 2023, October. The Resource Public Key Infrastructure (RPKI): A Survey on Measurements and Future Prospects. In IEEE Transactions on Network and Service Management (TNSM). IEEE. Accepted for publication.

Höger, N., Rodday, N., Borchert O., Dreo, G., 2023, October. Path Plausibility Algorithms in GoBGP. In 2023 19th International Conference on Network and Service Management (CNSM). IEEE. Accepted for publication.

Rodday, N., Dreo, G., 2023, October. BGPEval: Automating Large-Scale Testbed Creation. In 2023 19th International Conference on Network and Service Management (CNSM). IEEE. Accepted for publication.

Friedemann, P.H., Rodday, N., Dreo, G., 2022, July. Assessing the RPKI Validator Ecosystem. In Proceedings of the 13th International Conference on Ubiquitous and Future Networks (ICUFN).

Rodday, N., Cunha, I., Bush, R., Katz-Bassett, E., Rodosek, G.D., Schmidt, T.C. and Wählisch, M., 2021. Revisiting RPKI Route Origin Validation on the Data Plane. In Proc. of Network Traffic Measurement and Analysis Conference (TMA). IFIP.

Rodday, N., Kaltenbach, L., Cunha, I., Bush, R., Katz-Bassett, E., Rodosek, G.D., Schmidt, T.C. and Wählisch, M., 2021, August. On the Deployment of Default Routes in Inter-domain Routing. In Proceedings of the ACM SIGCOMM 2021 Workshop on Technologies, Applications, and Uses of a Responsible Internet (pp. 14-20).

Rodday, N., van Baaren, R., Hendriks, L., van Rijswijk-Deij, R., Pras, A. and Dreo, G., 2020, November. Evaluating RPKI ROV identification methodologies in automatically generated mininet topologies. In Proceedings of the 16th International Conference on emerging Networking EXperiments and Technologies (pp. 530-531).

Poschinger, R., Rodday, N., Labaca-Castro, R. and Dreo Rodosek, G., 2020, November. OpenMTD: A Framework for Efficient Network-Level MTD Evaluation. In Proceedings of the 7th ACM Workshop on Moving Target Defense (pp. 31-41).

Udo Helmbrecht, Corinna Schmitt, Raphael Labaca Castro, Christian Dietz, Nils Rodday, Klement Streit, Sascha von Schledorn, Siegfried Brunner, Christian Siegert, and Florian Steuber, 2020, May. Seminars Cyber Defence (HT 2019) and IT-Sicherheit (WT 2020), Technical Report – No. INF3-2020-05.

Rodday, N., Castro, R.L., Streit, K. and Rodosek, G.D., 2019, November. Evaluating TCP Connection Healthiness. In 2019 29th International Telecommunication Networks and Applications Conference (ITNAC). IEEE.

Streit, K., Castro, R.L., Rodday, N. and Rodosek, G.D., 2019, November. Topology Update Algorithm for Wireless Networks. In 2019 IEEE 16th International Conference on Mobile Ad Hoc and Sensor Systems Workshops (MASSW) (pp. 184-185). IEEE.

Streit, K., Rodday, N., Steuber, F., Schmitt, C. and Rodosek, G.D., 2019, October. Wireless SDN for Highly Utilized MANETs. In 2019 International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob) (pp. 226-234). IEEE

Nils Rodday, Randy Bush, Italo Cunha, Ethan Katz-Bassett, Gabi Dreo Rodosek, Thomas C. Schmidt and Matthias Wählisch. Extending RPKI ROV Measurement Coverage, Poster @ Internet Measurement Conference (IMC), 2019 ACM.

Nils Rodday, Klement Streit, Gabi Dreo Rodosek and Aiko Pras. On the Usage of DSCP and ECN Codepoints in Internet Backbone Traffic Traces for IPv4 and IPv6. In International Symposium on Networks, Computers and Communications (ISNCC), 2019 IEEE. ISBN: 978-1-7281-1243-5

Nils Rodday, Klement Streit, Gabi Dreo Rodosek, Aiko Pras; An Empirical Study of DSCP and ECN Usage by Application in Internet Traffic Traces, Poster @ CoNEXT 2018

Klement Streit, Nils Rodday, Gabi Dreo Rodosek, AODV-CBR: Capacity-based Path Discovery Algorithm for MANETs with High Utilization, RTUWO'18 - Advances in Wireless and Optical Communications, Nov 2018, Riga, Latvia. 2018

Nils Rodday, Aiko Pras and Gabi Dreo Rodosek. Towards European Network Sovereignty. In IFIP Proceedings of AIMS 2018. ISBN: 978-3-903176-12-6. Page 75-79

Rodday, N.M., Schmidt, R.D.O. and Pras, A., 2016, April. Exploring security vulnerabilities of unmanned aerial vehicles. In Network Operations and Management Symposium (NOMS), 2016 IEEE/IFIP (pp. 993-994). IEEE.

Seminar/Bachelor/Master Thesis Topics:

BGP hijacking – RPKI topics

BGP hijacking is a pressing issue that has not yet been fully resolved. As trust is the basis for a BGP announcement to propagate through the Internet, it is relatively easy for an attacker to announce prefixes belonging to other organizations.

Several solutions have been proposed to (partially) solve the problem of BGP hijacking. RPKI is a promising approach that is using Origin-Authentication through certificates to determine whether an entity is allowed to announce a certain prefix or not.

As RPKI is a fast-moving field that is actively being researched by CODE, we offer several topics in the field. Students interested in the security of Internet routing are welcome to send a mail and ask for up-to-date topics in this area.

Please approach me if you want to propose your own idea within my area of interest.