For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
A Systematic Approach to Evaluating the Trustworthiness of the Internet Inter-Domain Routing Information
Peidong ZHU Huayang CAO Wenping DENG Kan CHEN Xiaoqiang WANG
IEICE TRANSACTIONS on Information and Systems
Publication Date: 2012/01/01
Online ISSN: 1745-1361
Print ISSN: 0916-8532
Type of Manuscript: INVITED PAPER (Special Section on Trust, Security and Privacy in Computing and Communication Systems)
BGP, inter-domain routing, trustworthiness, security,
Full Text: FreePDF
Various incidents expose the vulnerability and fragility of the Internet inter-domain routing, and highlight the need for further efforts in developing new approaches to evaluating the trustworthiness of routing information. Based on collections of BGP routing information, we disclose a variety of anomalies and malicious attacks and demonstrate their potential impacts on the Internet security. This paper proposes a systematic approach to detecting the anomalies in inter-domain routing, combining effectively spatial-temporal multiple-view method, knowledge-based method, and cooperative verification method, and illustrates how it helps in alleviating the routing threats by taking advantage of various measures. The main contribution of our approach lies on critical techniques including the construction of routing information sets, the design of detection engines, the anomaly verification and the encouragement mechanism for collaboration among ASs. Our approach has been well verified by our Internet Service Provider (ISP) partners and has been shown to be effective in detecting anomalies and attacks in inter-domain routing.