Author_Institution :
State Key Lab. of Math. Eng. & Adv. Comput., Zhengzhou Inf. Sci. & Technol. Inst., Zhengzhou, China
Abstract :
Because BGP has no mechanism to verify the authority of an Autonomous System (AS) to announce Network Layer Reachable Information (NLRI), a specific IP prefix may be hijacked by a suspicious AS, leading to Internet instability or even a crash. Current proposals fall into two groups. Those such as S-BGP and soBGP are still not widely deployed because of expensive overhead and complex key management. Those such as iSPY and PHAS can be incrementally deployed but cannot respond to and block attacks in a timely manner: they only detect anomalies and rely on manual response from network operators. The paper proposes an autonomous system origination reputation model to evaluate the degree of trust in an AS as the originator of a prefix. An AS then selectively prefers the route announcement originated by the AS with the higher origination reputation, so that prefix hijacking is suppressed. Following beta reputation theory, the origination reputation of an AS is computed from the results of multiple prefix hijacking detection systems, with the false positives and false negatives of the detection systems removed. The origination reputation is updated following the "slowly rising, quickly falling" principle. Finally, the validity of the model is verified by simulation experiments.
Keywords :
telecommunication network routing; telecommunication security; Internet instability; NLRI; PHAS; S-BGP; autonomous system; autonomous system origination reputation model; beta reputation theory; detection systems; false negatives; false positives; iSPY; multiple prefix hijacking detection systems; network layer reachable information; prefix hijacking; reputation-based method; route announcement; secure inter-domain routing; Accuracy; Computational modeling; Conferences; IP networks; Internet; Negative feedback; Routing; BGP; beta reputation; prefix hijacking; prefix reputation;