Research And Implementation Of Co-operational Monitoring Technologies For Inter-domain Routing

The Internet has been developing so fast that it has become more and more important in our economic and social life. Nowadays, a large number of Internet-based applications, such as e-commerce, e-government, web conferencing, e-health and so forth, are in full swing. However, as one of the key infrastructure of the Internet, inter-domain routing system faces various kinds of threats due to the lack of security mechanism.In recent years, security incidents in inter-domain routing system have attracted much attention in industrial and academic communities. Some enhanced protocols have been proposed, such as S-BGP, soBGP and so on, but those protocols, either need an across-the-board adjustment to the present PKI system, or need to build a totally different Inter-domain routing system, which renders some difficulties in deployment and investment. Under this situation, BGP security monitoring is a technology that is really useful in practice.This thesis investigates deeply into the inter-domain routing system, establishes a co-operational model of the monitoring system based on route table detection, and also researches the key techniques under this system.(1) First, we present the detailed design of database in which the information is collected from different sources. For each method, we analyze the usability and the creditability, and then give a collision detection algorithm to eliminate the inconsistencies.(2) Co-operational monitoring technologies for inter-domain routing system are studied intensively. The conception of detection alliance is introduced for cooperation among ISPs. In each alliance, router tables are collected and shared for detection. In this way, members can detect anomalies across their domains and verify anomalies mutually, which improves the precision of the detection results. Furthermore, we describe a novel display method with horizontal degree and vertical degree, which can give a good solution for visualization of detection results.(3) The system is deployed in a distributed mode, which requires trusty communication. In order to build a trusty environment, the malicious members who send bogus information should be punished. Therefore, we consider the members'reputation in each alliance, and propose a distributed approach to store the reputation values in using of consistent hashing. At last, we present a technology to punish these malicious members.(4) Finally, we design and implement a prototype of the Internet BGP routing monitoring system, and some application examples are presented. Experiments show that our system can detect various kinds of anomalies. By using of co-operational technologies, we can get a higher degree of precision.