摘要
域间路由协同监测无需扩展原有BGP协议、支持增量部署且实现成本低,是目前解决域间路由系统安全问题较为有效且可行的一种方法.然而参与节点的行为自治、多变,在协同监测过程中或者隐藏部分路由信息或者共享路由信息的意愿较低,致使难以获取到足够全面、详细的路由监测信息,从而降低了域间路由协同监测的可用性.将上述问题抽象为非合作博弈问题,并基于博弈论的思想,提出一种域间路由协同监测激励策略GTIS.利用信誉状态参数量化描述节点的行为表现,然后根据节点在各次信息交互时的行为策略选择,对其信誉状态进行动态调整,从而以获取更大的长期收益为驱动,鼓励节点选择友好的行为策略.同时制定"人性化"的惩罚机制遏制节点的投机行为,对行为多次偏离的节点进行叠加惩罚,有效区分"初犯"节点和"惯犯"节点.实验结果表明,GTIS策略能够有效激励节点积极、诚实地参与协同监测,提高协同节点间信息交互的成功率,为域间路由协同监测的高效运行提供有力支撑.
The cooperative monitoring, which supports incremental deployment and does not modify the BGP protocol, is one of the best ways to improve the security of the BGP-based inter-domain routing system. However, the behavior of its participants is autonomous and changeable for getting much more profit, which makes the cooperative network work in low efficiency. In this paper, the above problem is depicted as a noncooperative game, and based on the Game Theory, GTIS, an incentive strategy for the inter-domain routing cooperative monitoring, is proposed. In GTIS, the reputation status is used to describe the performance of a node in the cooperative network. It encourages nodes to choose positive and honest behavior strategies for greater and long-term benefits. At the same time, a "humane" punishment mechanism is developed to curb speculation nodes. If a node departs from the normal many times in its life period, it will be punished superimposed. By this way, the "first offender" nodes and the "recidivist" nodes can be effectively distinguished. Theoretical analysis and simulation results show that with the GTIS strategy, cooperative nodes turn to be positive and honest when exchanging routing information, so that the success rate of information exchange between nodes becomes higher.
出处
《中国科学:信息科学》
CSCD
2012年第7期803-814,共12页
Scientia Sinica(Informationis)
基金
国家重点基础研究发展计划(批准号:2012CB315901
2007CB307102)资助项目
关键词
协同监测
非合作博弈
信誉评价
行为策略
惩罚机制
博弈论
网络安全
路由协议
cooperative monitoring; noncooperative game; reputation evaluate; behavior strategy; punishment mechanism; game theory; network security; routing protocols
