원문정보
초록
영어
The Border Gateway Protocol (BGP) is the routing protocol that enables large IP networks to form a single Internet. The main objective of BGP is to exchange Network Layer Reachability Information (NLRI) between Autonomous Systems (ASes) so that a BGP router can announce their IP prefix and find a path to the destination of packets. As the number of IP hijacking incidents has increased, a number of solutions are created to prevent IP hijacking. However, few studies have been researched about an AS path hijacking. We proposed a novel methodology of preventing AS path hijacking by comparing live BGP streams to our policy-based database that collected from RIPE NCC repository. As the number of ASes increases, our method for comparing live BGP streams to our policy-based database have to be enhanced to validate AS path in real time. We enhanced the main comparison algorithm and the performance result indicates that the enhanced algorithm is on average 1.45 times faster than the existing algorithm.
목차
1. Introduction
2. Related Research
2.1. Origin Validation
2.2. Path Validation
3. BGP’s Vulnerabilities
3.1. IP Hijacking
3.2. AS Path Hijacking
4. Enhanced Secure AS Path BGP (SAPBGP)
4.1 Overview
4.2 Constructing Database
4.3 Monitoring Live BGP Stream
4.4 Experiments
5. Conclusions
References