Regresar

Region-based bgp announcement filtering for improved bgp security

Abstract:

BGP prefix hijacking is a serious security threat on the Internet. In this paper we propose a region-based BGP announcement filtering scheme (RBF) to improve the BGP security. In contrast to existing solutions that indifferently prevent or detect prefix hijacking attacks, RBF enables differentiated AS and prefix filtering treatment and blends prefix hijacking prevention with deterrence. RBF is a light-weight BGP security scheme that provides strong incremental deployment incentive and better prefix hijacking deterrence. Experimental studies based on real Internet numbers allocation information and BGP traces show that RBF is a feasible and effective scheme in improving BGP security. For example, on the days without known BGP prefix hijacking attacks, only a small number of BGP announcements will be flagged as attacks. Importantly, by applying RBF to known BGP prefix hijacking attacks, we show that RBF can …

Año de publicación:

2010

Keywords:

    Fuente:

    googlegoogle

    Tipo de documento:

    Other

    Estado:

    Acceso abierto

    Áreas de conocimiento:

    • Red informática
    • Ciencias de la computación

    Áreas temáticas:

    • Programación informática, programas, datos, seguridad

    Contribuidores:

    Fernando SanchezFernando Sanchez