An immune-theory-based model for monitoring inter-domain routing system

Abstract

The inter-domain routing system faces many serious security threats because the border gateway protocol (BGP) lacks effective security mechanisms. However, there is no solution that satisfies the requirements of a real environment. To address this problem, we propose a new model based on immune theory to monitor the inter-domain routing system. We introduce the dynamic evolution models for the "self" and detection cells, and construct washout and update mechanisms for the memory detection cells. Furthermore, borrowing an idea from immune network theory, we present a new coordinative method to identify anomalous nodes in the inter-domain routing system. In this way, the more nodes working with their own information that join the coordinative network, the greater is the ability of the system to identify anomalous nodes through evaluation between nodes. Because it is not necessary to modify the BGP, the ITMM is easy to deploy and inexpensive to implement. The experimental results confirm the method's ability to detect abnormal routes and identify anomalous nodes in the inter-domain routing system.