Home // International Journal On Advances in Security, volume 8, numbers 1 and 2, 2015 // View article


The Policy-Based AS_PATH Verification to Prevent 1-Hop AS Path Hijacking By Monitoring BGP Live Streams

Authors:
Je-Kuk Yun
Beomseok Hong
Yanggon Kim

Keywords: border gateway protocol; interdomain routing; network security; networks; AS path hijacking.

Abstract:
As the number of IP prefix hijacking incidents has increased, many solutions are proposed to prevent IP prefix hijacking, such as RPKI, BGPmon, Argus, and PHAS. Except RPKI, all of the solutions proposed so far can protect ASes only through the origin validation. However, the origin validation cannot detect specified attacks that alter the AS_PATH attribute, such as AS Insertion attack and Invalid AS_PATH Data Insertion attack. In order to solve these problems, the SIDR working group proposed the RPKI using BGPsec, but BGPsec is currently a work in progress. So, we propose Secure AS_PATH BGP (SAPBGP) in which we monitor the AS_PATH attribute in BGP update messages whether each AS in the AS_PATH attribute are connected to each other based on our policy database collected from RIPE NCC repository. Our analysis shows 1.67% of the AS_PATH attributes is invalid and 98.33% of the AS_PATH attributes is valid based on original data including duplication from the ninth of February in 2014 to the fifth of February in 2015. In addition, our results state that 94.41% of the AS_PATH attributes is invalid and 94.41% of the AS_PATH attributes is valid after removing duplicated the AS_PATH attributes. We conducted the performance test and it verified that the SAPBGP can process all of the live BGP messages coming from BGPmon in real time.

Pages: 79 to 88

Copyright: Copyright (c) to authors, 2015. Used with permission.

Publication date: June 30, 2015

Published in: journal

ISSN: 1942-2636