Coordinated monitoring method for preventing BGP routing hijacking

A border gateway protocol and routing technology, applied in the direction of data exchange network, digital transmission system, electrical components, etc., can solve the problem of not getting targeted and effective network security services

Inactive Publication Date: 2012-03-28
NAT UNIV OF DEFENSE TECH
View PDF2 Cites 30 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

These autonomous systems have set up a network infrastructure dedicated to providing data for RouteViews and RIPE-RIS, but they themselves have not received targeted and effective network security services

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Coordinated monitoring method for preventing BGP routing hijacking
  • Coordinated monitoring method for preventing BGP routing hijacking
  • Coordinated monitoring method for preventing BGP routing hijacking

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0115] figure 1 It is a schematic diagram of the interconnection of monitors in an autonomous system (AS). For backup purposes, each monitor is preferably interconnected with two or more internal neighbors. There are various organizational forms of border routers inside an AS, including iBGP full mesh, route reflector, and BGP federation. Depending on the interconnection mode between the border routers inside the AS, the internal neighbors that the monitors are connected to are also slightly different. (1) For ASs using iBGP fully interconnected border routers, such as figure 1 As shown in (a), the monitor needs to establish a BGP session with any two or more routers among them; (2) for the AS that adopts the route reflection deployment method, such as figure 1 As shown in (b), the monitor needs to establish a BGP session with any two or more of the route reflectors (Route Reflector, RR), and the monitor is configured as a client (Route Client, RC) of the route reflector; (...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a coordinated monitoring method for preventing BGP (Border Gateway Protocol) routing hijacking (including prefix hijacking and next hop hijacking). The technical scheme is that an AS (Application Server) participating the coordination utilizes an original or newly-set server to run the BGP, sets a BGP session for acquiring routing updating messages together with one or more internal routers, and simultaneously sets a coordinated monitoring session together with monitoring servers in a plurality of other ASs, and the coordinated monitoring method particularly consists of a routing updating monitoring method and a session state monitoring method. On a control plane, the routing updating messages acquired by the session are analyzed and monitored, and the BGP prefix hijacking and the next hop hijacking are detected; and on a data plane, the coordinated monitoring session states are maintained and detected to discover routing hijacking events of a coordinating network per se in real time. The present network management and measurement facilities in the AS, as well as data acquisition facilities set by a public routing data dissemination project, and are fully utilized to build the coordinating network for monitoring the BGP prefix hijacking and the next hop hijacking through coordination and integration of conventional network resources.

Description

technical field [0001] The invention provides a collaborative monitoring method for preventing border gateway protocol (BGP) route hijacking (including prefix hijacking and next hop hijacking), which belongs to the technical field of computer network security. Background technique [0002] The Internet is the product of the integration of computer technology and communication technology. Since the mid-1990s, with the rapid growth of network scale and the increasing number of Internet-based business applications, the Internet has gradually evolved into an important information infrastructure for human society. In order to enhance scalability, the Internet adopts a hierarchical routing architecture, which is divided into two levels: "intra-domain" and "inter-domain" at the granularity of the autonomous system (Autonomous System, AS). An autonomous system is defined as a group of routing devices that run under a unified policy and present a consistent routing policy. Border Ga...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/26H04L12/56H04L29/06H04L29/08
Inventor 朱培栋王小强陈颖文郑倩冰胡罡徐明陈侃曹华阳
Owner NAT UNIV OF DEFENSE TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap