Design And Improve The National Inter-domain Routing Monitoring System

In the last 40 years, with the commercialization of the the Internet, a large number of key applications are in full swing, such as e-commerce, e-government, web conferencing, e-health and so forth. However, as the key infrastructure, inter-domain routing system faces all kinds of threats as a result of lacking security mechanism. Recent years, Inter-domain routing system's safety incidents have attracted much attention in academic community.To maintain security and stability of the inter-domain routing system , security configuration and new routing protocols have been designed, such as S-BGP, So-BGP and so forth. But those proposals either need a across-the-board adjustment to the present routing system, or need to introduce a totally different Inter-domain routing system, so there are still some difficulties in deployment. In order to meet the urgent needs of inter-domain routing security, this thesis designs and improves the national inter-domain routing monitoring system.This thesis research the national inter-domain routing monitoring system, design the system structure,achieve and improve the key techniques under this system. To achieve the information extraction, data format conversion and storage of knowledge for automatic update, to achieve the commercial relations algorithm of autonomous systems, to achieve an efficient national prefix hijacking detection, given the detailed structure of multi-source domestic AS_IP knowledge base, to achieve domestic AS_IP relation detection, to achieve the domestic leakage detection based on the rules of regional relation.To propose an inter-domain routing threat situation assessment model, this makes use of anomalous BGP routes detected in our system. The model assesses the security threat status for autonomous systems, ISP networks, country and the whole Internet inter-domain routing system respectively. Proving the validity of the model, and provide valuable intuitional curve for Internet operators.Optimized the route data storage, designed and implemented two network-based route data compression algorithm, and further realization of the routing data dump. Used the EXPRESS CLUSTER to achieve the disaster recovery, ensure the stable operation of the system.Finally, this thesis introduces the deployment and operation of the system.