Detection of invalid routing announcement in the Internet

Proceedings. International Conference on Dependable Systems and Networks Pub Date : 2002-06-23 DOI:10.1109/DSN.2002.1028887

Xiaoliang Zhao, Dan Pei, Lan Wang, D. Massey, A. Mankin, S. F. Wu, Lixia Zhang

{"title":"Detection of invalid routing announcement in the Internet","authors":"Xiaoliang Zhao, Dan Pei, Lan Wang, D. Massey, A. Mankin, S. F. Wu, Lixia Zhang","doi":"10.1109/DSN.2002.1028887","DOIUrl":null,"url":null,"abstract":"Network measurement has shown that a specific IP address prefix may be announced by more than one autonomous system (AS), a phenomenon commonly referred to as Multiple Origin AS, or MOAS. MOAS can be due to either operational need to support multi-homing, or false route announcements due to configuration or implementation errors, or even by intentional attacks. Packets following such bogus routes will be either dropped or in the case of an intentional attack, delivered to a machine of the attacker's choosing. The paper presents a protocol enhancement to BGP which enables BGP to detect bogus route announcements from false origins. Rather than imposing cryptography-based authentication and encryption to secure routing message exchanges, our solution makes use of the rich connectivity among ASs that exists in the Internet. Simulation results show that this simple solution can effectively detect false routing announcements even in the presence of multiple compromised routers, become more robust in larger topologies, and can substantially reduce the impact of false routing announcements even with a partial deployment.","PeriodicalId":93807,"journal":{"name":"Proceedings. International Conference on Dependable Systems and Networks","volume":"16 1","pages":"59-68"},"PeriodicalIF":0.0000,"publicationDate":"2002-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"99","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. International Conference on Dependable Systems and Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DSN.2002.1028887","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 99

Abstract

Network measurement has shown that a specific IP address prefix may be announced by more than one autonomous system (AS), a phenomenon commonly referred to as Multiple Origin AS, or MOAS. MOAS can be due to either operational need to support multi-homing, or false route announcements due to configuration or implementation errors, or even by intentional attacks. Packets following such bogus routes will be either dropped or in the case of an intentional attack, delivered to a machine of the attacker's choosing. The paper presents a protocol enhancement to BGP which enables BGP to detect bogus route announcements from false origins. Rather than imposing cryptography-based authentication and encryption to secure routing message exchanges, our solution makes use of the rich connectivity among ASs that exists in the Internet. Simulation results show that this simple solution can effectively detect false routing announcements even in the presence of multiple compromised routers, become more robust in larger topologies, and can substantially reduce the impact of false routing announcements even with a partial deployment.

查看原文本刊更多论文

检测Internet中无效的路由公告

网络测量表明，一个特定的IP地址前缀可能由多个自治系统(AS)宣布，这种现象通常被称为多源自治系统(MOAS)。MOAS可能是由于支持多宿主的操作需要，或者由于配置或实现错误而导致的错误路由通知，甚至是故意攻击。沿着这种虚假路由的数据包要么被丢弃，要么在蓄意攻击的情况下被传送到攻击者选择的机器上。本文提出了一种对BGP协议的改进，使BGP能够检测来自虚假来源的虚假路由通告。我们的解决方案利用了Internet中存在的as之间的丰富连接，而不是强加基于加密的身份验证和加密来确保路由消息交换的安全。仿真结果表明，这种简单的解决方案即使在存在多个受损路由器的情况下也能有效地检测出错误路由通知，在更大的拓扑中变得更加鲁棒，并且即使在部分部署的情况下也能大大减少错误路由通知的影响。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings. International Conference on Dependable Systems and Networks

自引率

0.00%

发文量