基于自治域协同的域间路由信誉模型

An inter-domain routing reputation model based on autonomous domain collaboration

域间路由系统自治域间的交互缺乏可信认证,建立针对自治域行为模式的信誉模型可为域间路由管理提供约束与激励,提高整体安全水平.由于域间路由系统分布自治、局部路由信息不完整,现有信誉评价方法无法从全局视角感知自治域行为,难以准确反映自治域可信程度及其变化.本文提出一种基于自治域协同的域间路由信誉模型.首先通过分析自治域路由行为统计特征,建立基于贝叶斯(Bayes)后验概率分析的自治域信誉量化指标,用于对目标自治域进行本地信誉评价;然后通过研究自治域属性与本地路由信息完整程度的关系,设计信誉加权聚合算法,采用多域协同方式计算目标自治域的全局信誉评价;最后设计信誉动态更新方法,以对连续恶意行为的自治域进行惩罚.基于真实安全事件的实验结果表明,该模型能够有效聚合各自治域本地信誉评价,捕捉自治域行为在不同时间阶段的细微变化,可为域间路由系统中异常路由抑制、安全事件溯源和供应商选取提供参考.

Interactions between autonomous systems(ASes)in inter-domain routing systems lack credibility authentication.Establishing a reputation model to evaluate AS behaviors can provide constraints and incentives for inter-domain routing management,thus improve the overall security.Due to the autonomous distributed nature and incomplete local routing information of inter-domain routing systems,existing reputation evaluation methods cannot perceive AS behaviors in a global perspective and reflect AS credibility dynamics accurately.We propose an inter-domain routing reputation model based on autonomous domain collaboration.We first analyze statistical characteristics of AS routing behaviors and establish a Bayesian-estimation-based AS reputation quantification index to evaluate local reputation of the target AS;Then,based on our investigation of relationships between AS properties and its local routing information integrity,we design a weighted reputation aggregation algorithm to compute global reputation of target AS in a multi-domain collaborative manner;Finally,we introduce a reputation updating method to penalize ASes with continuous malicious behaviors.Experimental results based on real incidents show that,the proposed model can effectively aggregate local reputation evaluations of participant ASes and capture AS behavior dynamics in different phases.The model can be used for abnormal routing suppression,security event source tracing,and provider selection in inter-domain routing systems.