immunity set. If an AS node does not receive or use the false route according to its routing policy, even if the route is true, it belongs to the isolate set.

For example, as shown in Fig. 1, suppose AS E is a malicious node that tries to hijack prefix P1 of AS F. When AS E advertises an NLRI for prefix P1 to AS A, both A and B will select this bogus route as the best route according to the shortest-path-first rule. In this case, AS A and B are infection nodes. AS C is an immunity node: because C is the owner of prefix P1, when it receives the NLRI advertised by AS E, it detects that it is a prefix hijacking. Finally, AS D is C's customer and C will not advertise false routing information to AS D, so AS D is an isolated node.
[Figure: ASes A, B, C, D, E and F connected by Provider-Customer and Peering-Peering links; routes (P1,E) and (P1,F) are shown, with (P1,E) marked "is invalid!"; F holds prefixes P1, P2. Legend: BGP route, Message.]

Fig. 1. Local validity of monitoring information
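The node classification described above, as an added worked example that is not part of the original paper: a small valley-free route propagation over a constructed topology (the links, and the fact that only C holds prefix-ownership knowledge, are assumptions chosen so that the result matches the text, not a transcription of Fig. 1). Each AS keeps the shortest AS path per prefix, validates the origin against its local knowledge, and the final state is classified as infection, immunity or isolate.

```python
from collections import deque

# Constructed topology (assumption): provider -> list of customers.
PROVIDERS = {"C": ["A", "D", "F"], "A": ["B", "E"]}
CUSTOMER_OF = {c: p for p, cs in PROVIDERS.items() for c in cs}
ASES = ["A", "B", "C", "D", "E", "F"]
OWNER = {"P1": "F"}                  # true prefix ownership
KNOWLEDGE = {"C": {"P1": "F"}}       # K_M: only C records who owns P1

def neighbours(asn):
    return PROVIDERS.get(asn, []) + ([CUSTOMER_OF[asn]] if asn in CUSTOMER_OF else [])

def export_targets(asn, learned_from):
    # Valley-free policy: own/customer routes go to every neighbour,
    # provider-learned routes go to customers only.
    if learned_from is None or learned_from in PROVIDERS.get(asn, []):
        return [n for n in neighbours(asn) if n != learned_from]
    return PROVIDERS.get(asn, [])

def propagate(announcements):
    """announcements: [(prefix, origin)]. Returns (rib, received origins)."""
    rib = {a: {} for a in ASES}          # asn -> prefix -> best path [asn..origin]
    received = {a: set() for a in ASES}  # asn -> origins it was offered
    queue = deque()
    for prefix, origin in announcements:
        rib[origin][prefix] = [origin]
        queue.extend((n, origin, prefix, [origin]) for n in export_targets(origin, None))
    while queue:
        asn, sender, prefix, path = queue.popleft()
        if asn in path:
            continue                     # AS-path loop prevention
        received[asn].add(path[-1])
        known = KNOWLEDGE.get(asn, {}).get(prefix)
        if known is not None and known != path[-1]:
            continue                     # local validation: origin mismatch, drop
        best = rib[asn].get(prefix)
        if best is not None and len(best) <= len(path):
            continue                     # shortest path first: keep current best
        rib[asn][prefix] = [asn] + path
        queue.extend((n, asn, prefix, [asn] + path) for n in export_targets(asn, sender))
    return rib, received

def classify(prefix, attacker):
    rib, received = propagate([(prefix, OWNER[prefix]), (prefix, attacker)])
    result = {}
    for asn in ASES:
        if asn in (attacker, OWNER[prefix]):
            continue
        if rib[asn].get(prefix, [None])[-1] == attacker:
            result[asn] = "infection"    # selected the false route as best
        elif attacker in received[asn]:
            result[asn] = "immunity"     # received it but rejected it
        else:
            result[asn] = "isolate"      # never received the false route
    return result
```

Running `classify("P1", "E")` yields A and B as infection nodes, C as an immunity node and D as an isolate node, as in the text.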
Most routing policies are designed per AS, without differentiating among the prefixes owned by the same AS. Since a routing hijacking attack is based on routing policy breaches, if an AS is under routing attack, all of its prefixes might be under attack too. So, if monitoring information about prefix P1 is valid to an AS (such as Y), information about prefix P2, which is owned by the same AS, is probably valid to Y as well. This second characteristic is called relative validity. According to relative validity, all of the monitoring information about prefixes owned by the same AS might cause the same infection, immunity and isolation node classification. Therefore, we realize it is possible to implement monitoring information sharing on demand.
2.2 Objective
For the sake of further argument, we explain the special meaning of some terms that appear in the following description.

Term 1: Monitoring Information. Monitoring information refers to route validation requests and acknowledgements.

Term 2: Monitor. A monitor collects BGP routes from the AS's BGP routers and validates the authenticity of each BGP route according to local knowledge. To simplify the description, we denote an AS node as a monitor. A monitor can be defined by a tuple (M_ID, I_M, K_M). M_ID is a unique identity of the monitor. I_M represents the set of local monitoring information which is produced or received by the monitor. K_M is the local knowledge database, which is composed of the BGP routing table, routing policy, prefix ownership, anomaly detection rules, blacklist of false routes and