Real-time verification tool of BGP routing information for preventing inter-domain routing misbehavior
MetadataShow full item record
Type of Workapplication/pdf
xv, 89 pages
DepartmentTowson University. Department of Computer and Information Sciences
RightsCopyright protected, all rights reserved.
There are no restrictions on access to this document. An internet release form signed by the author to display this document online is on file with Towson University Special Collections and Archives.
The Border Gateway Protocol (BGP) is an Inter-domain routing protocol that has gradually evolved over the past few decades. The main functionality of BGP is to exchange Network Layer Reachability Information (NLRI) using a BGP update message between autonomous systems (ASes) where BGP routers finds a better path to the destination using NLRI. However, BGP is highly vulnerable to hijacking attacks because BGP itself does not have a mechanism to validate the BGP message. Two well-known types of hijackings are IP prefix hijacking and AS path hijacking. As the number of IP hijacking incidents has increased, many IP hijacking monitoring tools have been implemented. However, none of the monitoring tools can directly control the data plane of BGP routers. Therefore, network administrators should protect their routers by using command line interface when the network administrator receives any warning from BGP hijacking monitoring tools. As the number of routers and prefixes continuously increases, checking the routing information in their routers manually is one of the big burdens on the administrators. In addition, when IP hijacking occurs, it is very important for the administrator to quickly block the bogus prefixes. Otherwise, thousands of traffic will be transferred to the wrong destination within a very short moment. We extended Quagga-SRx so that the Quagga-SRx can send a BGP update message including an opaque extend community to other iBGP peers for notifying bogus IP prefixes after detecting abnormal IP prefixes. As a result of this, the other iBGP peers can recognize bogus IP prefixes by accepting the BGP update message that includes the opaque extend community, and the iBGP peers can automatically block the bogus prefixes if the iBGP peers have the ability to process the opaque extend community. Therefore, when IP hijacking occurs, the bogus prefixes can be blocked automatically and quickly, which makes the ASes more secure. Even though many solutions are proposed to prevent IP hijacking, such as RPKI, BGPmon, Argus, and PHAS, all of the solutions except RPKI proposed so far can protect IP hijacking only through the origin validation. However, the origin validation cannot prevent AS path hijacking. In order to protect AS path hijacking, the SIDR working group proposed the RPKI using BGPSEC, but BGPSEC is currently a work in progress. So, we propose Secure AS_PATH BGP (SAPBGP) in which we monitor AS_PATH in update messages whether each AS in AS_PATH are connected to each other based on our policy database collected from RIPE NCC repository. Our analysis shows 4.57% of AS_PATH is invalid and 95.43% of AS_PATH is valid from the fifteenth of April in 2014 to the eighth of June in 2014. In addition, the performance test verifies that the SAPBGP can process all of the live BGP messages coming from BGPmon in real time. The invalid ASes from the experiment could be either the AS does not configure policies or the AS_PATH was manipulated by hijackers. For the precise experiment of the policy based AS_PATH validation, every router needs to configure policies against its peers.