A Systematic Approach to Evaluating the Trustworthiness of the Internet Inter-Domain Routing Information

Peidong ZHU  Huayang CAO  Wenping DENG  Kan CHEN  Xiaoqiang WANG  

Publication
IEICE TRANSACTIONS on Information and Systems   Vol.E95-D   No.1   pp.20-28
Publication Date: 2012/01/01
Online ISSN: 1745-1361
DOI: 10.1587/transinf.E95.D.20
Print ISSN: 0916-8532
Type of Manuscript: INVITED PAPER (Special Section on Trust, Security and Privacy in Computing and Communication Systems)
Category: 
Keyword: 
BGP,  inter-domain routing,  trustworthiness,  security,  

Full Text: FreePDF


Summary: 
Various incidents expose the vulnerability and fragility of the Internet inter-domain routing, and highlight the need for further efforts in developing new approaches to evaluating the trustworthiness of routing information. Based on collections of BGP routing information, we disclose a variety of anomalies and malicious attacks and demonstrate their potential impacts on the Internet security. This paper proposes a systematic approach to detecting the anomalies in inter-domain routing, combining effectively spatial-temporal multiple-view method, knowledge-based method, and cooperative verification method, and illustrates how it helps in alleviating the routing threats by taking advantage of various measures. The main contribution of our approach lies on critical techniques including the construction of routing information sets, the design of detection engines, the anomaly verification and the encouragement mechanism for collaboration among ASs. Our approach has been well verified by our Internet Service Provider (ISP) partners and has been shown to be effective in detecting anomalies and attacks in inter-domain routing.