Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CONEXT
2007
ACM
2007
ACM
Practical defenses against BGP prefix hijacking
Prefix hijacking, a misbehavior in which a misconfigured or malicious BGP router originates a route to an IP prefix it does not own, is becoming an increasingly serious security problem in the Internet. In this paper, we conduct a first comprehensive study on incrementally deployable mitigation solutions against prefix hijacking. We first propose a novel reactive detection-assisted solution based on the idea of bogus route purging and valid route promotion. Our simulations based on realistic settings show that purging bogus routes at 20 highest-degree ASes reduces the polluted portion of the Internet by a random prefix hijack down to 24%, and adding promotion further reduces the remaining pollution by 33% 57%, even defending against attack collusion. We prove that our proposed route purging and promotion scheme preserve the convergence properties of BGP regardless of the number of promoters. We are the first to demonstrate that detection systems based on a limited number of BGP feeds...
Real-time Traffic| Added | 14 Aug 2010 |
| Updated | 14 Aug 2010 |
| Type | Conference |
| Year | 2007 |
| Where | CONEXT |
| Authors | Zheng Zhang, Ying Zhang, Y. Charlie Hu, Zhuoqing Morley Mao |
Comments (0)
Researcher Info
|
