A distributed reputation approach to cooperative Internet routing protection
作者: Harlan Yu , J. Rexford , E.W. Felten
DOI: 10.1109/NPSEC.2005.1532057
关键词:
摘要: The security of the Internet's interdomain routing system hinges on whether autonomous systems (ASes) can trust information they receive from each other via border gateway protocol (BGP). Frequently, this has been misguided, resulting in wide-spread outages and significant concerns about future attacks. Despite seriousness these problems, proposals for a more secure version BGP have stymied by serious impediments to practical deployment. Instead, we argue that existing relationships between network operators (and institutions represent) are powerful force improving BGP, without changing underlying protocol. Our approach leverages ideas online reputation allow ASes form peer-to-peer overlay integrates results local network-management tools detecting attacks configuration errors. proposed architecture is incrementally deployable, protects against shilling attacks, deters malicious operator behavior.
sci-hub.se 参考文章(12)
Scott Shenker, Lakshminarayanan Subramanian, Ion Stoica, Volker Roth, Randy H. Katz, Listen and whisper: security mechanisms for BGP networked systems design and implementation. pp. 10- 10 ,(2004)
Christopher Kruegel, Darren Mutz, William Robertson, Fredrik Valeur, Topology-Based Detection of Anomalous BGP Messages recent advances in intrusion detection. pp. 17- 35 ,(2003) , 10.1007/978-3-540-45248-5_2
William Aiello, John Ioannidis, Patrick D. McDaniel, Aviel D. Rubin, Timothy Griffin, Geoffrey Goodell, Working around BGP: An Incremental Approach to Improving Security and Accuracy in Interdomain Routing. network and distributed system security symposium. ,(2003)
Nick Feamster, Hari Balakrishnan, Detecting BGP configuration faults with static analysis networked systems design and implementation. pp. 43- 56 ,(2005) , 10.5555/1251203.1251207
Ratul Mahajan, David Wetherall, Tom Anderson, Understanding BGP misconfiguration Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications - SIGCOMM '02. ,vol. 32, pp. 3- 16 ,(2002) , 10.1145/633025.633027
Jennifer Rexford, Zhuoqing Morley Mao, Jia Wang, Jian Wu, Finding a needle in a haystack: pinpointing significant BGP routing changes in an IP network networked systems design and implementation. pp. 1- 14 ,(2005) , 10.5555/1251203.1251204
S. Kent, C. Lynn, K. Seo, Secure Border Gateway Protocol (S-BGP) IEEE Journal on Selected Areas in Communications. ,vol. 18, pp. 582- 592 ,(2000) , 10.1109/49.839934
Anja Feldmann, Olaf Maennel, Z. Morley Mao, Arthur Berger, Bruce Maggs, Locating internet routing instabilities Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications - SIGCOMM '04. ,vol. 34, pp. 205- 218 ,(2004) , 10.1145/1015467.1015491
Xiaoliang Zhao, Dan Pei, Lan Wang, Daniel Massey, Allison Mankin, Shyhtsun Felix Wu, Lixia Zhang, Detection of invalid routing announcement in the Internet dependable systems and networks. pp. 59- 68 ,(2002) , 10.1109/DSN.2002.1028887
Y. Rekhter, T. Li, A Border Gateway Protocol 4 (BGP-4) A Border Gateway Protocol 4 (BGP-4). ,vol. 1654, pp. 1- 104 ,(1994)