SDBGPChain: A decentralized low complexity framework to detect and prevent the BGPattacks using SDN with smart contract based Dendrimer tree blockchain

Abstract

The Border Gateway Protocol (BGP) helps to exchange the information over the internet. However, BGP is susceptible to malicious attacks and misconfigurations meanwhile BGP does not focus on providing security during routing information advertisement. The secure BGP environment provides constant routing services on the internet, but existing works does not provide an optimal solution for BGP router security. To overcome these issues, we proposed decentralized low complexity framework for providing security to BGP attacks using deep learning and blockchain technologies. The proposed SDBGPChain (SDN based BGP using dendrimer tree blockchain) model whereas the SDN provides network management, flexibility and scalability for BGP environment, the proposed work includes three processes such as entity authentication, low complexity BGP attack detection and prevention, and deep learning-based route update validation. Initially, users and BGP routers are authenticated using Enhanced Blowfish and Elliptical Curve Cryptography (EB-ECC) which generated the unique key using EB algorithm and the unique is encrypted by enhanced ECC for improving security. Every Autonomous System (AS) is constructed as a graph structure using Directed Acyclic Graph (DAG) which improves the scalability and interoperability of the network. Secondly, we perform BGP attack detection using Dual Agent based Twin Actor Twin Delayed Deep Deterministic Policy Gradient (DA-T2TD3) algorithm by performing both proactive and reactive methods. Finally, we perform route update validation by Gated Recurrent Unit (GRU) by considering update message tuples which validate the updates by identifying misconfigurations and errors in the updated messages. Here, updated messages are passed to the blockchain for validation using the DiemBFT consensus algorithm which improves high security. The simulation of the proposed SDBGPChain model is conducted by OMNET++ simulation tool, and the performance of this work is evaluated based on various performance metrics such as Packet drop ratio (0.22), Throughput (39.8 bits/sec), Block validation time (20.2 s), Detection accuracy ((no. of attacks 92.5%) and (no of anomalies 93%)), and Network traffic (27.6%) which proved that the proposed work achieved superior performance compared to state-of-the-art works.