Abstract
Border Gateway Protocol (BGP) is the inter-domain routing protocol in the global Internet. While its critical vulnerability due to lacking of verification causes many risks such as prefix hijacking, path tampering and route leak. It has been a number of effective solutions proposed for prefix hijacking and path tampering. But route leak is difficult to be detected, because it only violates the outbound route policy. In this paper, we use the RouteViews to capture the BGP Update messages in the Internet and analyze the network routes which may leaked. On the basis of analyzing some advantages and disadvantages of the related works, we propose three security mechanisms against the error configuration and malicious attack causing route leak. These mechanisms make use of the BGPsec encryption and signature mechanism to protect the Autonomous System (AS) business relationship and to defense route leak. Finally, we verify the feasibility and effectiveness of the proposed security mechanisms by simulations with Quagga.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
