摘要
随着互联网规模的急剧扩大,边界网关协议(BGP,border gateway protocol)在域间路由系统中的作用愈加重要。BGP本身存在很大的安全隐患,导致前缀劫持、AS_PATH劫持及路由泄露攻击事件频频发生,给互联网造成了严峻的安全威胁。目前,国内外针对路由泄露的介绍及安全研究机制相对较少。对BGP路由泄露进行了详细研究,介绍了BGP内容、路由策略及制定规则,分析了重大路由泄露安全事件及发生路由泄露的6种类型,并比较了当前针对路由泄露的安全机制和检测方法,最后对路由泄露安全防范机制提出了新的展望。
With the rapid expansion of the scale of Internet, BGP plays a more and more important role in the Inter domain routing system. BGP has a lot of security risks, which result in prefix hijacking, AS_PATH hijacking and route leak attacks occuring frequently, causing serious threats to the Internet. In currently, the content introduction and security research mechanism were little, so a detailed study of BGP route leak was carried out. The BGP protocol, route policy and established rules were introduced, six types of major route leak security incidents were analysised, the current security mechanisms and methods were summarized and compared to solve and detect route leak. In the last, a new prospect for the security and protection mechanism of route leak was proposed.
出处
《网络与信息安全学报》
2016年第8期54-61,共8页
Chinese Journal of Network and Information Security
基金
国家自然科学基金资助项目(No.61303242)~~