Research On BGP Route Leak Detection Technique Based On Online As Relationship Inference

The uppermost layer of the Internet interconnects the autonomous system(AS)through BGP(Border Gateway Protocol),but the BGP design does not consider security issues.As the scale of the network expands,a series of security incidents occur in the autonomous domain.The research goal of this paper is to detect the route leakage event in BGP security events.The following research is carried out:This paper implements a public inter-domain routing data system that is the source of data for other BGP-related research.The system functions are divided into data acquisition,data processing,data analysis and data interface.Four public collection items are used as data sources.The monitoring point data is collected locally and processed and analyzed.This paper uses heuristic methods to infer the business relationship between autonomous domains.The method first obtains the autonomous domain path from the data system,then abstracts the graph structure according to the autonomous domain path,infers the top-level autonomous domain group according to the transfer degree,and finally uses the six heuristic rules based on the top-level autonomous domain group for connected autonomy.The domain is tagged with business relationships.This paper proposes a route leakage detection algorithm based on autonomous domain business relationship and no-valley model.The algorithm firstly uses the route leakage that violates the valley-free model as the criterion,then abstracts the obtained autonomous domain business relationship into a graph,and finally takes the autonomous domain path as input and detects the route leakage in the autonomous domain path.In this paper,the route leakage detection algorithm based on autonomous domain business relationship is finally realized.It is found through experiments that the inference of the autonomous domain business relationship depends on the completeness of the path preprocessing and the number of top-level autonomous domains,and because the relationship between the autonomous domains is not completely consistent with the valley.Models,business relationship-based route leak detection methods cannot cover all route leakage behaviors.