Формальний опис об’єктів і процесів глобальної маршрутизації у мережі Інтернет для оцінки впливу кібератак на маршрутизацію

Abstract

Attacks on the global routing, in particular hijacking and interception of routes (route hijack and route leak), are one of the large-scale problems of cybersecurity. Prefix hijacking is a phenomenon in which the Autonomous System (AS) illegally declares itself as a prefix source instead of a genuine source. Leakage of route means that AS illegally, in violation of the routing policy, offers routes to other people's prefixes. These illegitimate routes contaminate BGP routing tables, distort network traffic paths, and affect the privacy, integrity, and availability of IP communications. These attacks are used to manipulate traffic in order to destabilize the Internet, espionage, theft, causing material damage.One of the most important steps in modeling the impact of attacks on routing is the construction of a formal model of global Internet routing. In this paper, we propose a formal description of global routing objects — autonomous systems, IP prefixes, BGP announcements, and the relationships between them: the IP address space as a set of IP prefixes, IP prefixes grouping and their incapsulation principles and concepts, the set of routes, and the concept of best path resolving.A formal description of the routing process in accordance with the best path selection criteria is also given. The special attention is paid to the argumentation of the possibility of applying the results to the IPv6 address space. Tabl.: 1. Fig.: 1. Refs: 10 titles.