Abstract
The inter-domain routing system faces many serious security threats because the border gateway protocol (BGP) lacks effective security mechanisms. However, there is no solution that satisfies the requirements of a real environment. To address this problem, we propose a new model based on immune theory to monitor the inter-domain routing system. We introduce the dynamic evolution models for the “self” and detection cells, and construct washout and update mechanisms for the memory detection cells. Furthermore, borrowing an idea from immune network theory, we present a new coordinative method to identify anomalous nodes in the inter-domain routing system. In this way, the more nodes working with their own information that join the coordinative network, the greater is the ability of the system to identify anomalous nodes through evaluation between nodes. Because it is not necessary to modify the BGP, the ITMM is easy to deploy and inexpensive to implement. The experimental results confirm the method’s ability to detect abnormal routes and identify anomalous nodes in the inter-domain routing system.
Article PDF
Similar content being viewed by others
Avoid common mistakes on your manuscript.
References
Rekhter Y, Li T, Hares S. A border gateway protocol 4 (BGP-4). http://www.ietf.org/rfc/rfc4271.txt
Siganos G, Faloutsos M. Neighborhood watch for internet routing: Can we improve the robustness of internet routing today? In: Proceedings of IEEE INFOCOM, Anchorage, Alaska, USA, 2007
Chavali S, Radoaca V, Miri M, et al. Peer prefix limits exchange in BGP IETF draft. http://tools.ietf.org/html/draftchavalibgp-prefixlimit
Barbir A, Murphy S, Yang Y. Generic threats to routing protocols. http://www.ietf.org/rfc/rfc4593.txt
Wan T, Oorschot C. Analysis of BGP prefix origins during Google’s May 2005 outage. In: Spirakis P, ed. Proc. of the Security in Systems and Networks. Washington: IEEE Computer Society Press, 2006. 8–15
Karlin J, Forrest S, Rexford J. Autonomous security for autonomous systems. Comput Netw, 2008, 52: 2908–2923
Kent S, Lynn C, Seo K. Secure border gateway protocol (S-BGP). IEEE J Select Areas Commun (Special Issue on Network Security), 2000, 18: 582–592
White R. Securing BGP through secure origin BGP. Int Protocol J, 2003, 6: 15–22
Goodell G, Aiello W, Griffin T, et al. Working around BGP: An incremental approach to improving security and accuracy of inter-domain routing. In: Proc. Of the ISOC NDSS 2003, San Diego, 2003. 75–85
Subramanian L, Roth V, Stoica I, et al. Security mechanisms for BGP. In: Proc. of the 1st Symp. on Networked Systems Design and Implementation (NSDI 2004), San Francisco: USENIX, 2004. 127–140
Aiello W, Ioannidis J, McDaniel P. Origin authentication in Inter-domain routing. In: Proc. of the 10th ACM Conf. on Computer and Communications Security. Washington: ACM, 2003. 165–178
Wan T, Kranakis E, Oorschot P C. Pretty secure BGP (psBGP). In: Proc of the 12th Annual Network and Distributed System Security Symposium (NDSS’05). San Diego, California: Internet Society, 2005
Hu C, Perring A, Sirbu M. SPV: Secure path vector routing for securing BGP. In: Yavatkar R, ed. Proc. of the ACM SIGCOMM. Washington: ACM Press, 2004. 179–192
Gao L, Gong Z H, Liu Y P, et al. A TLP approach for BGP based on local speculation. Sci China Ser F-Inf Sci, 2008, 38: 1663–1678
Lad M, Massey D, Pei D. PHAS: a prefix hijack alert system. In: Proc of the 15th USENIX Security Symposium (USENIX-SS’06): Vancouver BC Canada USENIX Association, 2006. 18–l19
Liu X, Wang X Q, Zhu P D, et al. Security evaluation for inter-domain routing system in the Internet (in Chinese). J Comput Res Devel, 2009, 46: 1669–1677
Lu X C, Zhao J J, Zhu P D, et al. Self-organization of inter-domain routing system. Chin J Softw, 2006, l7: 1922–1932
Wang L, Liu X Y. A study on a coordinative immune-computing model. Acta Electr Sin, 2009, 37: 1739–1744
Esponda F, Forrest S, Helman P. A formal framework for positive and negative detection. IEEE Trans Syst Man Cybern B, 2004, 34: 357–373
Erica K. Inspired by immunity. Nature, 2002, 415: 468–470
Deng W P, Zhu P D, Lu X C. On evaluating BGP routing stress attack. J Commun, 2010, 5: 13–22
Prehofer C, Bettstetter C. Self-organization in communication networks: Principles and design paradigms. IEEE Commun Mag, 2005, 43: 78–85
Li T. An immune based model for network monitoring. Chin J Comput, 2006, 29: 1515–1522
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Guo, Y., Wang, Z. An immune-theory-based model for monitoring inter-domain routing system. Sci. China Inf. Sci. 55, 2358–2368 (2012). https://doi.org/10.1007/s11432-011-4451-0
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11432-011-4451-0