Home // SECURWARE 2014, The Eighth International Conference on Emerging Security Information, Systems and Technologies // View article

The Policy-Based AS_PATH Verification to Monitor AS Path Hijacking

Authors:
Je-Kuk Yun
Beomseok Hong
Yanggon Kim

Keywords: border gateway protocol; interdomain routing; network security; networks; AS path hijacking.

Abstract:
As the number of IP prefix hijacking incidents has increased, many solutions are proposed to prevent IP prefix hijacking, such as RPKI, BGPmon, Argus, and PHAS. Except RPKI, all of the solutions proposed so far can protect ASes only through the origin validation. However, the origin validation cannot detect specified attacks that alter the AS_PATH attribute, such as AS Insertion attack and Invalid AS_PATH Data Insertion attack. In order to solve these problems, SIDR proposed the RPKI using BGPSEC, but BGPSEC is currently a work in progress. So, we propose Secure AS_PATH BGP (SAPBGP) in which we monitor the AS_PATH attribute in update messages whether each AS in the AS_PATH attribute are connected to each other based on our policy database collected from RIPE NCC repository. Our analysis shows 4.57% of the AS_PATH attribute is invalid and 95.43% of the AS_PATH attribute is valid from the fifteenth of April in 2014 to the eighth of June in 2014. In addition, the performance test verifies that the SAPBGP can process all of the live BGP messages coming from BGPmon in real time.

Pages: 20 to 24

Copyright: Copyright (c) IARIA, 2014

Publication date: November 16, 2014

Published in: conference

ISSN: 2162-2116

ISBN: 978-1-61208-376-6

Location: Lisbon, Portugal

Dates: from November 16, 2014 to November 20, 2014