On the classification and false alarm of invalid prefixes in RPKI based BGP route origin validation

机译：基于RPKI的BGP路由源验证中无效前缀的分类和虚警。

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

BGP is the default inter-domain routing protocol in today's Internet, but has serious security vulnerabilities [1]. One of them is (sub)prefix hijacking. IETF standardizes RPKI to validate the AS origin but RPKI has a lot of problems [2] [3] [4] [5], among which is potential false alarm. Although some previous work [4] [2] points it out explicitly or implicitly, further measurement and analysis remain to be done. Our work measures and analyzes the invalid prefixes systematically. We first classify the invalid prefixes into six different types and then analyze their stability. We show that a large proportion of the invalid prefixes very likely result from traffic engineering, IP address transfer and failing to aggregate rather than real hijackings.

机译：BGP是当今Internet中默认的域间路由协议，但具有严重的安全漏洞[1]。其中一个是（子）前缀劫持。 IETF标准化RPKI验证原点，但RPKI有很多问题[2] [3] [4] [5]，其中潜在的误报。虽然有些先前的工作[4] [2]明确或隐含地指出，但仍有待进一步的测量和分析。我们的工作措施并系统地分析无效的前缀。我们首先将无效前缀分类为六种不同类型，然后分析它们的稳定性。我们表明，很大一部分无效的前缀可能来自流量工程，IP地址传输，并且无法汇总而不是真正的劫持。

著录项

来源
《IFIP/IEEE Symposium on Integrated Network and Service Management》|2019年|654-658|共5页
会议地点
作者
Wenjie Xu; Deliang Chang; Xing Li;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Routing; Internet; Aggregates; IP networks; Forestry; Routing protocols; Security;

机译：路由;互联网;聚合; IP网络;林业;路由协议;安全性;

相似文献

外文文献
中文文献
专利

1. Towards Detecting BGP Route Hijacking using the RPKI [J] . Matthias Waehlisch, Olaf Maennel, Thomas C. Schmidt Computer communication review . 2012,第4期

机译：使用RPKI进行BGP路由劫持的检测
2. A Comparative Study on IP Prefixes and their Origin ASes in BGP and the IRR [J] . Akmal Khan, Hyun-chul Kim, Ted Taekyoung Kwon, Computer communication review . 2013,第3期

机译：BGP和IRR中IP前缀及其来源AS的比较研究
3. Towards a Rigorous Methodology for Measuring Adoption of RPKI Route Validation and Filtering [J] . Andreas Reuter, Randy Bush, Italo Cunha, Computer communication review . 2018,第1期

机译：迈向衡量RPKI路线验证和过滤采用率的严格方法
4. On the classification and false alarm of invalid prefixes in RPKI based BGP route origin validation [C] . Wenjie Xu, Deliang Chang, Xing Li IFIP/IEEE Symposium on Integrated Network and Service Management . 2019

机译：基于RPKI基于BGP路由原点验证的无效前缀的分类和误报
5. Enhanced Filtering of False Alarm for the 5th Generation Fighter Aircraft Using Machine Learning Classification [D] . Her, Nathan. 2019

机译：使用机器学习分类增强了第五代战斗机的误报过滤
6. Single-modal and multi-modal false arrhythmia alarm reduction using attention-based convolutional and recurrent neural networks [O] . Sajad Mousavi, Atiyeh Fotoohinasab, Fatemeh Afghah 2020

机译：使用基于注意力的卷积和经常性神经网络的单模和多模态假心律失常报警
7. Covering Prefixes Outbound Route Filter for BGP-4 [O] . H. Jeng, R. Bonica, Y. Rekhter 2013

机译：覆盖BGp-4的前缀出站路由过滤器

On the classification and false alarm of invalid prefixes in RPKI based BGP route origin validation

摘要

著录项

相似文献

相关主题

期刊订阅