TY - GEN
T1 - Efficient techniques for detecting false origin advertisements in inter-domain routing
AU - Qiu, Sophie Y.
AU - Monrose, Fabian
AU - Terzis, Andreas
AU - McDaniel, Patrick D.
N1 - Copyright:
Copyright 2011 Elsevier B.V., All rights reserved.
PY - 2006
Y1 - 2006
N2 - The Border Gateway Protocol (BGP), and hence the Internet, remains critically vulnerable to a range of prefix forgery attacks. In this paper, we address these attacks by proposing a non-cryptographic, incrementally deployable mechanism to probabilistically detect forged BGP origin advertisements. Upon receiving an advertisement from a "suspicious" origin, the receiving domain intelligently probes other ASes about the received information. Any dissenting information indicates potential forgery or error, and is reported by the polled ASes to the true origin and processed appropriately. In this design, we exploit the fact that the highly connected AStopology makes it difficult to block the dissemination of information as it traverses the Internet. We evaluate the effectiveness of our probing mechanism via simulation on realistic Internet topologies. The experiments show that 98% of forgeries can be detected even when as few as 10% of the ASes participate in the protocol under a naïve polling stratagem. Moreover; we show that judicious node selection can further improve detection rates while minimizing the number of probes.
AB - The Border Gateway Protocol (BGP), and hence the Internet, remains critically vulnerable to a range of prefix forgery attacks. In this paper, we address these attacks by proposing a non-cryptographic, incrementally deployable mechanism to probabilistically detect forged BGP origin advertisements. Upon receiving an advertisement from a "suspicious" origin, the receiving domain intelligently probes other ASes about the received information. Any dissenting information indicates potential forgery or error, and is reported by the polled ASes to the true origin and processed appropriately. In this design, we exploit the fact that the highly connected AStopology makes it difficult to block the dissemination of information as it traverses the Internet. We evaluate the effectiveness of our probing mechanism via simulation on realistic Internet topologies. The experiments show that 98% of forgeries can be detected even when as few as 10% of the ASes participate in the protocol under a naïve polling stratagem. Moreover; we show that judicious node selection can further improve detection rates while minimizing the number of probes.
UR - http://www.scopus.com/inward/record.url?scp=38549165399&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=38549165399&partnerID=8YFLogxK
U2 - 10.1109/NPSEC.2006.320341
DO - 10.1109/NPSEC.2006.320341
M3 - Conference contribution
AN - SCOPUS:38549165399
SN - 1424407737
SN - 9781424407736
T3 - 2nd Workshop on Secure Network Protocols, NPSec
SP - 12
EP - 19
BT - 2nd Workshop on Secure Network Protocols, NPSec
T2 - 2006 2nd Workshop on Secure Network Protocols, NPSec
Y2 - 12 November 2006 through 12 November 2006
ER -