基于稳定度的可信AS-IP宣告关系构建方法

doi:10.3969/j.issn.1006-2475.2011.11.025

计算机与现代化 ›› 2011, Vol. 1 ›› Issue (11): 93-4.doi: 10.3969/j.issn.1006-2475.2011.11.025

基于稳定度的可信AS-IP宣告关系构建方法

燕强，王小强，蔡开裕，朱培栋

国防科学技术大学计算机学院,湖南长沙410073

收稿日期:2011-07-11 修回日期:1900-01-01 出版日期:2011-11-28 发布日期:2011-11-28

Stabilitybased Reliable AS-IP Mapping Construction Method

YAN Qiang, WANG Xiao-qiang, CAI Kai-yu, ZHU Pei-dong

School of Computer, National University of Defense Technology, Changsha 410073, China

Received:2011-07-11 Revised:1900-01-01 Online:2011-11-28 Published:2011-11-28

摘要/Abstract

摘要：

互联网自治系统（AS）以在路由系统中宣告网络前缀的方式宣告IP地址块的所有权。当一个自治系统宣告了不属于它的网络前缀时，就会导致前缀劫持的发生。由于边界网关协议（BGP）本身无法验证AS和IP前缀之间的宣告关系是否真实，导致对前缀劫持的检测和判定异常困难。本文提出并实现一种基于稳定度的，构建可信ASIP宣告关系的方法，并用于检测和判定前缀劫持。通过构建AS和IP前缀宣告关系的时间序列，计算该宣告关系在时间序列上的稳定度数值，并用于评估AS和IP前缀宣告关系的可信度。本文运用该方法对历史上发生过的大规模异常事件进行检测，实验表明，该方法能构造准确的AS和IP前缀宣告关系，并可有效地检测和判定前缀劫持事件。

关键词: 边界网关协议, 信度, 宣告关系, 前缀劫持

Abstract:

Internet Autonomous System (AS) claims the ownership of its IP address blocks by advertising those blocks in routing system. Prefix hijacking occurs when an AS advertises a prefix not of its own. It is known to be rather challenging to detect and confirm prefix hijacking for Border Gateway Protocol (BGP) itself cannot tell the invalid mappings of AS and its announced IP prefixes from those valid ones. This paper proposes and implements a stabilitybased approach to construct reliable ASIP mappings, which are further used in the detection of prefix hijacking. For each ASIP mapping, it first builds a time series according to its liveness in a past time window, and then calculates the stability of this sequence to measure the reliability of this mapping. This method is applied to the data related to several largescale prefix hijacking events. The experiments show that the proposed method can accurately construct ASIP mappings and effectively detect prefix hijacking events.

Key words: border gateway protocol, reliability, declaring relationship, prefix hijacking

燕强;王小强;蔡开裕;朱培栋. 基于稳定度的可信AS-IP宣告关系构建方法[J]. 计算机与现代化, 2011, 1(11): 93-4.

YAN Qiang;WANG Xiao-qiang;CAI Kai-yu;ZHU Pei-dong. Stabilitybased Reliable AS-IP Mapping Construction Method[J]. Computer and Modernization, 2011, 1(11): 93-4.

[1]	刘彧轩1, 2, 廖宇晨1, 刘忠慧1. 单条件三元概念构建及其融合推荐应用[J]. 计算机与现代化, 2024, 0(07): 1-6.
[2]	廖嘉炜, 吴永欢, 杜舒明, 邹时容, 徐炫东. 基于指数分层结构算法的数据可信度评估模型设计[J]. 计算机与现代化, 2021, 0(02): 40-44.
[3]	张芃,周良. 基于信任的动态多级访问控制模型[J]. 计算机与现代化, 2019, 0(07): 116-.
[4]	王琼. 一种改进的k-means文本聚类优化方法[J]. 计算机与现代化, 2015, 0(3): 48-51,56.
[5]	万宇文，黄林颖，甘登文. 基于权值的关联规则挖掘改进算法[J]. 计算机与现代化, 2014, 0(4): 73-76.
[6]	肖婷;陈红英. 基于可信度的Web信息搜索主动服务研究 [J]. 计算机与现代化, 2011, 1(5): 110-113.
[7]	马红星王海坤刘聪. 命令词语音识别系统的置信度改进方法 [J]. 计算机与现代化, 2011, 194(10): 146-149.

基于稳定度的可信AS-IP宣告关系构建方法

Stabilitybased Reliable AS-IP Mapping Construction Method

可视化

被引次数

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 7

编辑推荐

Metrics

本文评价