期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于国际视图的域间路由异常监测

Inter-Domain Routing Monitoring Approach Based on International View
下载PDF
导出
摘要 域间路由安全监测方案由于部署方便和系统整体开销较小,在增强路由系统安全性方面得到了广泛应用。文章针对目前国内的监测方案在感知国内互联网路由安全态势方面的不足,提出基于国际视图的监测方法,并设计了相应的异常监测算法。异常监测算法包括国家级非法宣告前缀异常监测算法和国家级多源冲突异常监测算法。这是对目前监测方案的有力补充。该方法可以有效监测到国外AS对国内路由的劫持;同时评估国内非法宣告前缀对整个Internet的影响和在整个Internet上的扩散情况。 The inter-domain routing security monitoring system has been widely applied in enhancing the security of routing system,for the advantage of deployment and light overall system load.For the deficiencies of current approaches in perceiving domestic routing security state,integrated multiple route views from both domestic and foreign route information,and designed corresponding anomaly detection algorithms.Anomaly detection algorithms,includes the state-level illegal declaration of the prefix algorithm and the state-level multiple origin AS conflicts algorithm.By utilizing international route views,the approach can protect domestic routing system by perceiving hijacks originated from foreign ASs,and restrict domestic ASs from spreading illegal route announcements to foreign countries.
作者 陈亮 李思嘉 朱培栋 刘欣
机构地区 国防科学技术大学计算机学院 国防科学技术大学机电工程与自动化学院 湖南联通公司
出处 《计算机技术与发展》 2012年第3期19-22,27,共5页 Computer Technology and Development
基金 国家自然科学基金(60873214)
关键词 国际视图 域间路由 路由监测 非法前缀宣告 international view inter-domain routing routing monitoring illegal prefix declaration
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献12

  • 1Rekhter Y,Li T.A border gateway protocol 4(BGP-4)[S].IETF Internet RFC,RFC4271,2006.
  • 2Oliveira R,Zhang Beichuan,Zhang Lixia.Observing the Evo-lution of Internet AS Topology[C]//SIGCOMM.Kyoto,Ja-pan:[s.n.],2007.
  • 3胡湘江,朱培栋,龚正虎.域间路由协议BGP安全性研究[J].计算机工程与科学,2007,29(9):5-8. 被引量:3
  • 4FeldMann A,Maennel O,Mao Z M,et al.Locating internetrouting instabilities[C]//SIGCOMM.[s.l.]:[s.n.],2004.
  • 5Mayer D.University of oregon route views project[EB/OL].2003.http://www.routeviews.org/.
  • 6RIPE RIS Project[EB/OL].2002.http://data.ris.ripe.net/.
  • 7Telstra CIDR Report[R/OL].1997.http://bgp.potaroo.net/as1221/.
  • 8Cymru T.The team cymru bogon route server project[EB/OL].2004.http://www.cymru.com/Documents/bogon-list.html.
  • 9Ripe’s MyASN[EB/OL].[2008-03-04].http://www.ris.ripe.net/myasn.html.
  • 10Lad M,Massey D,Pei D,et al.PHAS:A prefix hijack alertsystem[C]//Proc USENIX Security Symp.[s.l.]:[s.n.],2006:153-166.

二级参考文献25

  • 1刘欣,朱培栋.BGP路由表中环形路由现象分析[J].计算机工程,2005,31(14):67-69. 被引量:2
  • 2Rekhter Y,Li T,Hares S.A Border Gateway Protoool 4 (BGP4)[S].RFC 4271,2006.
  • 3Christian B,Tauber T.BGP Security Vulnerabilities Analysis[S].RFC 4272,2006.
  • 4Perlman R.Network Layer Protocols with Byzantine Robustness:[Ph D Dissertation][D].Department of Electrical Engineering and Computer Science,Massachusetts Insititute of Technology,1988.
  • 5Kent S,Lynn C,Seo K.Secure Border Gateway Protocol (S-BGP)[J].IEEE Journal on Selected Areas in Communications,2000,18(4):582-592.
  • 6Meyer C,Partan A.BGP Security,Availability and Operator Needs[EB/OL].http:// www.nanog.org/mtg-0306/pdf/meyer.pdf,2003-07.
  • 7http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_6-3/securing_bgp_sobgp.html,2003-06.
  • 8Aiello W,Ioannidis J,McDaniel P.Origin Authentication in Interdomain Routing[A].Proc of ACM CCS'03[C].2003.
  • 9Wan T,Kranakis E,Oorschot P.Pretty Secure BGP[A].Proc of the 10th ACM Int'l Conf on Network and Distributed Systems Security[C].2005.
  • 10Hu Y,Perrig A,Sirbu M.SPV:Secure Path Vector Routing for Securing BGP[A].Proc of ACM SIGCOMM'04[C].2004.

共引文献4

计算机技术与发展
2012年 第3期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部