Wireless Communications, Networking and Applications pp 1163-1174 | Cite as
A Security Mechanism for Detecting Nonfeasance on Inter-domain Routing Forwarding
The inter-domain routing system faces serious security threats for lack of effective security mechanisms. Although many security solutions have addressed anomaly forwarding of Border Gateway Protocol (BGP) routes, the research is short of nonfeasance behavior. Based on AS relationships between two-hop distance neighbors, a security mechanism called TwoReply is designed for detecting nonfeasance through introducing feedback approach into the process of BGP route announcements. Furthermore, combined of BGP route selection, TwoReply offers an efficient penalty algorithm to select secure path. Security and performance analysis demonstrate that this mechanism can detect nonfeasance behavior effectively with few route resource consumption. It improves the overall security of inter-domain routing system and has good scalability.
KeywordsInter-domain routing Nonfeasance AS relationship BGP
This work was supported by National High Technology Research and Development Program of China (863 Program) (No. 2013AA014701), National Nature Science Foundation of China (No. 61171193).
- 1.Rekhter, Y., Li, T., Hares, S.: A border gateway protocol 4 (BGP-4). In: RFC, p. 4271 (2006)Google Scholar
- 2.Butler, K., Farley, T., McDaniel, P.: A survey of BGP security issues and solutions. IEEE Proc. 2010(1), 100–122 (2010)Google Scholar
- 3.Youtube hijacking: A RIPE NCC RIS case study. http://www.ripe.net/news/study-youtube-hijacking.html
- 5.Yu, X.P., Wang, H.J.: Detecting invalid BGP routes based on AS relationships. J. Jilin Univ. 25(4), 461–464 (2007)Google Scholar
- 6.Wei, Z.H., Chen, M., Zhao, H.H.: AS relationships quick inference algorithm. J. Univ. Electron. Sci. Technol. China 39(2), 266–270 (2010)Google Scholar
- 8.White, R.: Securing BGP through secure origin BGP. Internet Protoc. J. 6(3), 15–22 (2003)Google Scholar
- 9.Kranankis, E., Wan, T., Oorschot, P.C.: On interdomain routing security and pretty secure BGP (psBGP). ACM Trans. Inf. Syst. Secur. (TISSEC) 10(3), 1–41 (2007)Google Scholar
- 10.Gao, L.: On inferring autonomous system relationships in the Internet. In: IEEE/ACM Transactions on Networking (2001)Google Scholar
- 11.The Network Simulator–ns2. http://www.isi.edu/nsnam/ns/
- 12.BRITE. http://www.cs.bu.edu/brite/