Research On Techniques Of BGP Route Leak Detection Based On Blockchain

Border gateway protocol(BGP)is used to connect ASes in the Internet.However,BGP did not consider the security at the beginning of its design,which leads to frequent threats to inter domain routing security.Among them,route leak is an important reason to threaten the security of inter domain routing system,which may cause large-scale internet network interruption.It is necessary to detect and prevent the occurrence of route leak to ensure the security of inter domain routing.Aiming at the problems of existing routing leak detection schemes,this paper proposes a BGP routing leak detection architecture RLDA based on blockchain technique.The main work of this paper is as follows.(1)In order to solve the problems of tamperable source data,opaque and nonstandard construction process of legitimate routing mode in existing routing leak detection schemes,a detection architecture RLDA based on blockchain is proposed.Blockchain has the characteristics of tamper-proof,transparency and intelligent contract automation,which can help solve the above problems in the field of route leak detection.RLDA architecture mainly includes three parts: Construction of legal routing mode,detection and processing of routing leak,and relay network.Among them,BGP router uses the routing mode data managed by RLDA node to detect the route leak and feeds back the detection results to RLDA node.The relay network reduces the risk of network disconnection by adding redundant nodes,to protect the blockchain network connectivity.(2)At present,the detection data used in the construction of legal routing mode is single,and the inter domain routing model is simple.Based on this,the construction technology of legal routing mode VRPC is proposed.VRPC manages three types of data: routing policy,autonomous domain relationship and routing expectation.Autonomous domain can publish any of the above data in the blockchain.Intelligent contract is responsible for inferring routing policy as autonomous domain relationship.Autonomous domain relationship and routing expectation constitute a legal routing mode.This paper proposes an autonomous domain relationship inference algorithm based on routing strategy.The algorithm is designed with routing strategy analysis,conflict marking,strategy matrix construction and relationship extraction.(3)In order to solve the problem of lack of mitigation mechanism and feedback mechanism in existing route leak detection schemes,a multi-party routing leak detection and processing mechanism MRLDD is proposed.When route leak is found,measures are taken to mitigate route leak from discoverer,receiver,and leaker respectively for blockchain and BGP system,to eliminate the existing impact and prevent further propagation of route leak.When no route leak is found,legitimate routes are used to infer the relationship between ASes and the results are fed back to VRPC.According to the existing research work,this paper implements the RLDA prototype architecture based on Hyperledger Fabric,and tests the RLDA prototype architecture from static analysis,function,and performance.The test results show that RLDA prototype architecture performs well in security,functionality,and timeliness,and meets the functional requirements of autonomous domain for routing detection architecture.The validity of RLDA is verified by evaluating the correctness of the key algorithms in RLDA,and by simulating the deployment effect of RLDA.