Enhancing Border Gateway Protocol Security Using Public Blockchain

Communication on the Internet consisting of a massive number of Autonomous Systems (AS) depends on routing based on Border Gateway Protocol (BGP). Routers generally trust the veracity of information in BGP updates from their neighbors, as with many other routing protocols. However, this trust leaves the whole system vulnerable to multiple attacks, such as BGP hijacking. Several solutions have been proposed to increase the security of BGP routing protocol, most based on centralized Public Key Infrastructure, but their adoption has been relatively slow. Additionally, these solutions are open to attack on this centralized system. Decentralized alternatives utilizing blockchain to validate BGP updates have recently been proposed. The distributed nature of blockchain and its trustless environment increase the overall system security and conform to the distributed character of the BGP. All of the techniques based on blockchain concentrate on inspecting incoming BGP updates only. In this paper, we improve on these by modifying an existing architecture for the management of network devices. The original architecture adopted a private blockchain implementation of HyperLedger. On the other hand, we use the public blockchain Ethereum, more specifically the Ropsten testing environment. Our solution provides a module design for the management of AS border routers. It enables verification of the prefixes even before any router sends BGP updates announcing them. Thus, we eliminate fraudulent BGP origin announcements from the AS deploying our solution. Furthermore, blockchain provides storage options for configurations of edge routers and keeps the irrefutable history of all changes. We can analyze router settings history to detect whether the router advertised incorrect information, when and for how long.

[1]  Mark Weiser,et al.  Source Code , 1987, Computer.

[2]  Mario Zagar,et al.  Comparative analysis of blockchain consensus algorithms , 2018, 2018 41st International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO).

[3]  Minseok Kwon,et al.  Detecting BGP Route Anomalies with Deep Learning , 2019, IEEE INFOCOM 2019 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[4]  Matt Lepinski,et al.  BGPsec Protocol Specification , 2017, RFC.

[5]  Nadeem Javaid,et al.  A Secure Data Sharing Platform Using Blockchain and Interplanetary File System , 2019, Sustainability.

[6]  Alberto Dainotti,et al.  BGP hijacking classification , 2019, 2019 Network Traffic Measurement and Analysis Conference (TMA).

[7]  Joseph Sarkis,et al.  Blockchain Practices, Potentials, and Perspectives in Greening Supply Chains , 2018, Sustainability.

[8]  Stephen T. Kent,et al.  An Infrastructure to Support Secure Internet Routing , 2012, RFC.

[9]  Susan Hares,et al.  A Border Gateway Protocol 4 (BGP-4) , 1994, RFC.

[10]  Henri Arslanian,et al.  Blockchain As an Enabling Technology , 2019, The Future of Finance.

[11]  Yu Zhang,et al.  Deep Recurrent Entropy Adaptive Model for System Reliability Monitoring , 2021, IEEE Transactions on Industrial Informatics.

[12]  Ivan Kotuliak,et al.  Management and Monitoring of IoT Devices Using Blockchain † , 2019, Sensors.

[13]  Rong Zhang,et al.  Evaluation of Energy Consumption in Block-Chains with Proof of Work and Proof of Stake , 2020, Journal of Physics: Conference Series.

[14]  Ivan Kotuliak,et al.  Blockchain Adoption for Monitoring and Management of Enterprise Networks , 2018, 2018 IEEE 9th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON).

[15]  Yakov Rekhter,et al.  A Border Gateway Protocol 4 (BGP-4) , 1994, RFC.

[16]  Khaled Salah,et al.  Decentralized document version control using ethereum blockchain and IPFS , 2019, Comput. Electr. Eng..

[17]  Aziz Mohaisen,et al.  RouteChain: Towards Blockchain-based Secure and Efficient BGP Routing , 2019, 2019 IEEE International Conference on Blockchain and Cryptocurrency (ICBC).

[18]  Hao Dang,et al.  BGP-LSChain: An Inter-domain Link State Sharing Framework Based on Blockchain , 2019, ICBCT.

[19]  T. V. Lakshman,et al.  The Internet Blockchain: A Distributed, Tamper-Resistant Transaction Framework for the Internet , 2016, HotNets.

[20]  Yuval Shavitt,et al.  A Deep Learning Approach for IP Hijack Detection Based on ASN Embedding , 2020, NetAI@SIGCOMM.

[21]  David Lee Kuo Chuen,et al.  Blockchain – From Public to Private , 2018 .

[22]  Baosheng Wang,et al.  BGPcoin: Blockchain-Based Internet Number Resource Authority and BGP Security Solution , 2018, Symmetry.

[23]  Thomas Engel,et al.  The state of affairs in BGP security: A survey of attacks and defenses , 2018, Comput. Commun..