论文信息 - Route Diagnosis in Path Vector Protocols

Route Diagnosis in Path Vector Protocols

In this paper we present a novel approach to route diagnosis for path-vector routing protocols such as the Internet’s Border Gateway Protocol (BGP). Given a sequence of routing updates, our objective is to understand why a previous path was removed, why the specific new path is chosen among all existing alternatives, and whether any of the routers along the path injected false information. We collect necessary topological information for route diagnosis by inferring topological connectivity from routing updates, enhancing the path vector protocol with root cause notification, and using active queries between neighbor routers to learn missing information when necessary. In the absence of false routing updates, our design can reason about route removals and replacements with 100% accuracy. We also use majority votes among independent information sources, combined with active queries, to identify the source of false routing updates. Simulation results show that, in the presence of false updates, our design can achieve high detection rate and attacker identification rate with a low overhead.

Lixia Zhang | Beichuan Zhang | Dan Pei | D. Massey | M. Lad

[1] Radia J. Perlman,et al. Network layer protocols with Byzantine robustness , 1988 .

[2] Stephen T. Kent,et al. Secure Border Gateway Protocol (S-BGP) , 2000, IEEE Journal on Selected Areas in Communications.

[3] Lixin Gao. On inferring autonomous system relationships in the internet , 2001, TNET.

[4] Patrick D. McDaniel,et al. Working around BGP: An Incremental Approach to Improving Security and Accuracy in Interdomain Routing , 2003, NDSS.

[5] Ramesh Govindan,et al. The temporal and topological characteristics of BGP path changes , 2003, 11th IEEE International Conference on Network Protocols, 2003. Proceedings..

[6] Daniel Massey,et al. An algorithmic approach to identifying link failures , 2004, 10th IEEE Pacific Rim International Symposium on Dependable Computing, 2004. Proceedings..

[7] Jaideep Chandrashekar,et al. Fixing BGP, one as at a time , 2004, NetT '04.

[8] A. Perrig,et al. SPV: secure path vector routing for securing BGP , 2004, SIGCOMM '04.

[9] Volker Roth,et al. Listen and whisper: security mechanisms for BGP , 2004 .

[10] Joseph Kee-yin Ng,et al. Extensions to BGP to Support Secure Origin BGP , 2004 .

[11] Anja Feldmann,et al. Locating internet routing instabilities , 2004, SIGCOMM '04.

[12] Daniel Massey,et al. BGP-RCN: improving BGP convergence through root cause notification , 2005, Comput. Networks.

[13] R. Katz,et al. Towards Root Cause Analysis of Internet Routing Dynamics , 2022 .