
An immune-theory-based model for monitoring inter-domain routing system

  • Research Paper
  • Science China Information Sciences

Abstract

The inter-domain routing system faces many serious security threats because the border gateway protocol (BGP) lacks effective security mechanisms. However, no existing solution satisfies the requirements of a real environment. To address this problem, we propose a new model based on immune theory to monitor the inter-domain routing system. We introduce dynamic evolution models for the “self” and detection cells, and construct washout and update mechanisms for the memory detection cells. Furthermore, borrowing an idea from immune network theory, we present a new coordinative method to identify anomalous nodes in the inter-domain routing system. The more nodes that join the coordinative network, each working with its own information, the greater the system’s ability to identify anomalous nodes through evaluation between nodes. Because it is not necessary to modify the BGP, the proposed model (ITMM) is easy to deploy and inexpensive to implement. The experimental results confirm the method’s ability to detect abnormal routes and identify anomalous nodes in the inter-domain routing system.



Author information


Correspondence to Yi Guo.


Cite this article

Guo, Y., Wang, Z. An immune-theory-based model for monitoring inter-domain routing system. Sci. China Inf. Sci. 55, 2358–2368 (2012). https://doi.org/10.1007/s11432-011-4451-0


  • DOI: https://doi.org/10.1007/s11432-011-4451-0
