Hi-BGP: A Lightweight Hijack-proof Inter-domain Routing Protocol
نویسندگان
چکیده
BGP is the cornerstone of the Internet. However, the implicit trust assumption in BGP’s design destines its inherited vulnerability. Prefix hijacking is one of the large-scale BGPspecific routing anomalies that are able to paralyze the Internet. This calls for a hijack-proof security solution. By putting the protection against prefix hijacking the top priority, we design a lightweight hijack-proof BGP system – Hi-BGP. Hi-BGP utilizes the existing BGP system to distribute the relevant route validation information and use the information to prevent various prefix hijacking. In addition, we propose a transition scheme of HiBGP so that it can be incrementally deployed. At the same time, we show that Hi-BGP is lightweight and can be deployed in the Internet.
منابع مشابه
BGP is high on SDN: Improving BGP Convergence and Security using SDN and reassertions
Border Gateway Protocol (BGP) is the de facto protocol for inter-domain routing in the Internet. BGP performance has historically been accepted but rapidly evolving internet demands better performance guarantees from BGP. BGP convergence time is notorious for its unpredictable and unbounded limits. We present a novel way where we dissipate BGP state change messages from multiple Autonomous Syst...
متن کاملMeasuring and Analyzing on Effection of BGP Session Hijack Attack
Because there is no authentication mechanism used in BGP, a mis-behaving router can announce routes to any destination prefix on the Internet and even manipulate route attributes in the routing updates it sends to neighboring routers. Taking advantage of this weakness has become the fundamental mechanism for constructing prefix hijack attacks. The relation of network topology and prefix hijacki...
متن کاملDeployable BGP Security
The routing protocol that connects the Autonomous Systems, BGP, is vulnerable to a number of potentially crippling attacks because it trusts unverified control plane information received from external networks. Within the last year we have seen ConEdison hijack Panix’s /16 [1], TTNET hijack several /8’s including 1247 more specifics of AT&T’s 12/8 [2], NW Network Cable announce several /8’s inc...
متن کاملEvaluation on the influence of internet prefix hijacking events
The inter-domain routing system based on the BGP protocol is a kernel establishment in the Internet. There have been many incidents of IP prefix hijacking by BGP protocol in the Internet. Attacks may hijack victim's address space to disrupt network services or perpetrate malicious activities such as spamming and DoS attacks without disclosing identity. The relation between prefix hijacking and ...
متن کاملThe Next 10,000 BGP Gadgets: Lightweight Modeling for the Stable Paths Problem
For the past ten years, the de facto interdomain routing protocol, the Border Gateway Protocol (BGP), has been been studied in the framework of the Stable Paths Problem (SPP). The SPP approach revealed several combinations of node topologies and configurations in which BGP cannot converge to a stable solution. These misbehaving “gadgets” serve as counterexamples to desirable BGP behavior, which...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2006