On interdomain routing security and pretty secure BGP (psBGP)
ACM Transactions on Information and System Security (TISSEC)
PHAS: a prefix hijack alert system
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Pretty Good BGP: Improving BGP by Cautiously Adopting Routes
ICNP '06 Proceedings of the Proceedings of the 2006 IEEE International Conference on Network Protocols
Secure Border Gateway Protocol (S-BGP)
IEEE Journal on Selected Areas in Communications
Hi-index | 0.00 |
The Border Gateway Protocol (BGP) is the routing protocol that enables large IP networks to form a single Internet. The main objective of BGP is to exchange Network Layer Reachability Information (NLRI) between Autonomous Systems (ASes) so that a BGP speaker can announce their IP prefix and find a path to the destination of packets. However, a BGP hijacker can pretend to be any third BGP speaker because BGP itself doesn't have the functionality of validating BGP messages. In order to solve this problem, BGP speaker needs to validate messages coming from other BGP speakers. In this paper, we propose the BGP Monitoring and Alarm System (BGPMAS) which monitors incoming announcements and starts to make sounds of the alarm if the BGPMAS detects an invalid announcement. In addition, the BGPMAS provides AS administrators with web service to show where the invalid message is coming from so that the administrators can rapidly deal with the IP prefix hijacking by ignoring the malicious BGP router's prefix. In order to set this environment, the BGPMAS needs to be connected to the BGP router and the AS administrator needs the Alarm Application (AA) which will make sounds of the alarm and the AA receives a signal from the BGPMAS when the BGPMAS detect an invalid announcement. As a result, the BGP routers can easily have the RPKI-based origin validation function with the BGPMAS.