A cascading failure model for interdomain routing system

There have been many researches on border gateway protocol (BGP) security, most of which mainly focused on how to enhance the security of the BGP protocol or the interdomain routing system. However, few works studied the vulnerabilities especially the production mechanism of security events in the interdomain routing system. It takes many obstacles to understand and improve the security of the interdomain routing system. This paper explores the cascading failure phenomenon of the interdomain routing system. First, we devise a state machine to describe the state transition of BGP nodes and then give a detailed analysis of the BGP failure. Second, on the basis of the preferential attachment characteristic, we propose a cascading failure model for the interdomain routing system, which depicts the production mechanism of cascading failure, and introduce two evaluating indicators, the proportion of failed nodes and the proportion of failed links, to assess the scale of cascading failure. Furthermore, we apply the cascading failure model to display two different cascading failure scenes. The experimental results show that random failure has less influence on the interdomain routing system, while its robustness against hostile attack is weak. Copyright ©2011 John Wiley & Sons, Ltd.

[1]  Michalis Faloutsos,et al.  Neighborhood Watch for Internet Routing: Can We Improve the Robustness of Internet Routing Today? , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[2]  Vishal Misra,et al.  Network Resilience: Exploring Cascading Failures within BGP∗ , 2006 .

[3]  Xin Zhao,et al.  Longitudinal study of BGP monitor session failures , 2010, CCRV.

[4]  Yakov Rekhter,et al.  A Border Gateway Protocol 4 (BGP-4) , 1994, RFC.

[5]  Doug Montgomery,et al.  A Comparative Analysis of BGP Anomaly Detection and Robustness Algorithms , 2009, 2009 Cybersecurity Applications & Technology Conference for Homeland Security.

[6]  Patrick Crowley,et al.  Proceedings of the 2nd ACM SIGCOMM workshop on Programmable routers for extensible services of tomorrow , 2009, SIGCOMM 2009.

[7]  Enke Chen,et al.  Graceful Restart Mechanism for BGP , 2007, RFC.

[8]  Yi Yang,et al.  Generic Threats to Routing Protocols , 2006, RFC.

[9]  Bernhard Plattner,et al.  On Evaluating BGP Routing Stress Attack , 2010, J. Commun..

[10]  Olivier Bonaventure,et al.  A hierarchical model for BGP routing policies , 2009, PRESTO '09.

[11]  Ramesh Govindan,et al.  An empirical study of router response to large BGP routing table load , 2002, IMW '02.

[12]  Zhenhai Duan,et al.  Region-based BGP announcement filtering for improved BGP security , 2010, ASIACCS '10.

[13]  Stephen T. Kent,et al.  Secure Border Gateway Protocol (S-BGP) , 2000, IEEE Journal on Selected Areas in Communications.

[14]  Daniel Massey,et al.  PHAS: A Prefix Hijack Alert System , 2006, USENIX Security Symposium.

[15]  Yougu Yuan,et al.  Global Routing Instabilities Triggered by Code Red II and Nimda Worm Attacks , 2001 .

[16]  Huang Minhuan,et al.  CMV-HOT:An Evolution Model of Inter-Domain Routing System Based on the Complex System Theory , 2009 .