基于路由状态因果链的域间路由不稳定溯源检测方法

陈迪; 邱菡; 张万里; 朱会虎; 朱俊虎; 王清贤

doi:10.11959/j.issn.1000-436x.2021221

您当前的位置：

首页 >

文章列表页 >

基于路由状态因果链的域间路由不稳定溯源检测方法

学术论文 | 更新时间：2024-06-05

- 基于路由状态因果链的域间路由不稳定溯源检测方法
- Interdomain routing instability traceable detection method based on route state causal chain
- 通信学报 2021年42卷第12期页码：76-87
- 作者机构：
  
  1. 信息工程大学网络空间安全学院，河南郑州 450002
  2. 电子信息系统复杂电磁环境效应国家重点实验室，河南洛阳 471003
- 作者简介：
  
  [ "陈迪（1992- ），女，河南郑州人，信息工程大学博士生，主要研究方向为网络系统安全、区块链技术" ]
  [ "邱菡（1981- ），女，湖北随州人，博士，信息工程大学副教授，主要研究方向为域间路由安全、网络安全模拟与评估" ]
  [ "张万里（1998- ），男，湖南常德人，信息工程大学硕士生，主要研究方向为数据安全、漏洞挖掘" ]
  [ "朱会虎（1992- ），男，河南郑州人，信息工程大学博士生，主要研究方向为域间路由安全" ]
  [ "朱俊虎（1974- ），男，河南郑州人，信息工程大学教授，主要研究方向为网络对抗、网络安全测试与评估" ]
  [ "王清贤（1960- ），男，河南卫辉人，博士，信息工程大学教授、博士生导师，主要研究方向为网络安全" ]
- 基金信息：
  
  国家自然科学基金资助项目(61502528);国家自然科学基金资助项目(61902447)
- DOI：10.11959/j.issn.1000-436x.2021221
  中图分类号： TN393
- 网络首发：2021-12，
  
  纸质出版：2021-12-25
- 稿件说明：
移动端阅览
陈迪, 邱菡, 张万里, 等. 基于路由状态因果链的域间路由不稳定溯源检测方法[J]. 通信学报, 2021,42(12):76-87.

Di CHEN, Han QIU, Wanli ZHANG, et al. Interdomain routing instability traceable detection method based on route state causal chain[J]. Journal on Communications, 2021, 42(12): 76-87.
陈迪, 邱菡, 张万里, 等. 基于路由状态因果链的域间路由不稳定溯源检测方法[J]. 通信学报, 2021,42(12):76-87. DOI： 10.11959/j.issn.1000-436x.2021221.

Di CHEN, Han QIU, Wanli ZHANG, et al. Interdomain routing instability traceable detection method based on route state causal chain[J]. Journal on Communications, 2021, 42(12): 76-87. DOI： 10.11959/j.issn.1000-436x.2021221.

摘要

针对现有域间路由不稳定溯源检测方法中检测时间受限于路由更新时延、溯源信息可能被篡改的问题，提出一种基于路由状态因果链的域间路由不稳定溯源检测方法。通过分析路由状态间存在的因果关系，定义能够刻画路由状态及其转移过程的路由状态变更标识，将其随路由更新传播发布并存储于区块链，从而构建去中心化、防篡改的路由状态因果链；通过分析本地路由状态因果链判断路由不稳定类型，追溯失效链路或策略冲突自治域序列，完成路由不稳定的溯源检测。理论证明了所提方法能够追溯导致收敛时延的失效链路和导致路由振荡的策略冲突自治域序列，并基于软件路由器在经典拓扑中进行验证。实验结果表明，所提方法可在不改变 BGP 的前提下及时检测策略与拓扑动态变化导致的路由不稳定现象并确定其源头。

Abstract

To solve the problem of detection time limitation caused by route update delay and the possible tampering of traceability information in existing route instability traceable detection methods， an interdomain routing instability traceable detection method based on route state causal chain was proposed.By analyzing the causal relationship of route states， the route state update token that can describe the route state change and transfer process was defined.Route state update tokens were published and stored in the blockchain during the route update propagation to construct the decentralized and tamper-resistant route state causal chain.By analyzing the route state causal chain， the type of route instability was judged， and the failed links or policy-conflict AS sequences were located to achieve route instability traceable detection.The capability of proposed method to trace the failure link and the policy-conflict AS sequence which could lead to convergence delay and persistent route oscillation respectively was proven theoretically， and validating experiment based on software routers in typical topology was carried out.The experimental results demonstrate that the proposed method can timely detect route instability caused by the dynamic changes of both policy and topology， and determine type and root cause of route instability without modifying BGP.

关键词

Keywords

references

REKHTER Y , LI T , HARES S . A border gateway protocol 4 (BGP-4) [R ] . RFC Editor , 2006 .

LABOVITZ C , AHUJA A , BOSE A , et al . Delayed Internet routing convergence [J ] . IEEE/ACM Transactions on Networking , 2001 , 9 ( 3 ): 293 - 306 .

PEI D , ZHANG B C , MASSEY D , et al . An analysis of convergence delay in path vector routing protocols [J ] . Computer Networks , 2006 , 50 ( 3 ): 398 - 421 .

VARADHAN K , GOVINDAN R , ESTRIN D . Persistent route oscillations in inter-domain routing [J ] . Computer Networks , 2000 , 32 ( 1 ): 1 - 16 .

KUSHMAN N , KANDULA S , KATABI D . Can You hear me now? ! [J ] . ACM SIGCOMM Computer Communication Review , 2007 , 37 ( 2 ): 75 - 84 .

GRIFFIN T G , SHEPHERD F B , WILFONG G . The stable paths problem and interdomain routing [J ] . IEEE/ACM Transactions on Networking , 2002 , 10 ( 2 ): 232 - 243 .

GAO L X , REXFORD J . Stable Internet routing without global coordination [J ] . IEEE/ACM Transactions on Networking , 2001 , 9 ( 6 ): 681 - 692 .

GILL P , SCHAPIRA M , GOLDBERG S . A survey of interdomain routing policies [J ] . ACM SIGCOMM Computer Communication Review , 2013 , 44 ( 1 ): 28 - 34 .

VILLAMIZAR C , CHANDRA R , GOVINDAN R . BGP route flap damping [R ] . RFC Editor , 1998 .

MAO Z M , GOVINDAN R , VARGHESE G , et al . Route flap damping exacerbates Internet routing convergence [J ] . ACM SIGCOMM Computer Communication Review , 2002 , 32 ( 4 ): 221 - 233 .

DA S R B , SOUZA M E . A survey on approaches to reduce BGP interdomain routing convergence delay on the Internet [J ] . IEEE Communications Surveys ＆ Tutorials , 2017 , 19 ( 4 ): 2949 - 2984 .

GODFREY P B , CAESAR M , HAKEN I , et al . Stabilizing route selection in BGP [J ] . IEEE/ACM Transactions on Networking , 2015 , 23 ( 1 ): 282 - 299 .

SOBRINHO J L , FIALHO D , MATEUS P . Stabilizing BGP through distributed elimination of recurrent routing loops [C ] // Proceedings of 2017 IEEE 25th International Conference on Network Protocols (ICNP) . Piscataway:IEEE Press , 2017 : 1 - 10 .

ZHANG J , HU Z Y , ZHANG T . Update chain-based approach for checking route oscillation of BGP [J ] . Chinese Journal of Aeronautics , 2011 , 24 ( 2 ): 202 - 209 .

LI Q , XU M W , WU J P , et al . Toward a practical approach for BGP stability with root cause check [J ] . Journal of Parallel and Distributed Computing , 2011 , 71 ( 8 ): 1098 - 1110 .

FEAMSTER N , JOHARI R , BALAKRISHNAN H . Implications of autonomy for the expressiveness of policy routing [J ] . ACM SIGCOMM Computer Communication Review , 2005 , 35 ( 4 ): 25 - 36 .

KWON J . Tendermint:consensus without mining [R ] . 2014 .

PEI D , AZUMA M , MASSEY D , et al . BGP-RCN:improving BGP convergence through root cause notification [J ] . Computer Networks , 2005 , 48 ( 2 ): 175 - 194 .

AFEK Y , BREMLER-BARR A , SCHWARZ S . Improved BGP convergence via ghost Flushing [J ] . IEEE Journal on Selected Areas in Communications , 2004 , 22 ( 10 ): 1933 - 1948 .

OLIVEIRA R , ZHANG B C , PEI D , et al . Quantifying path exploration in the Internet [J ] . IEEE/ACM Transactions on Networking , 2009 , 17 ( 2 ): 445 - 458 .

WENHUA W , QINGGUO S , QIN Z . On the relationship between BGP convergence delay and network topology [C ] // Proceedings of 2008 11th IEEE International Conference on Communication Technology . Piscataway:IEEE Press , 2008 : 546 - 549 .

GÄMPERLI A , KOTRONIS V , DIMITROPOULOS X . Evaluating the effect of centralization on routing convergence on a hybrid BGP-SDN emulation framework [C ] // Proceedings of the 2014 ACM Conference on SIGCOMM . New York:ACM Press , 2014 : 369 - 370 .

BONEH D , BÜNZ B , FISCH B . Batching techniques for accumulators with applications to IOPs and stateless blockchains [C ] // Advances in Cryptology – CRYPTO 2019 . Berlin:Springer , 2019 : 561 - 586 .

浏览量

999

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

UANET中基于任务感知的区块链共识与存储协同优化研究

云辅助工业物联网中基于区块链的用户友好型数据检索和共享方案

基于区块链的可信数据空间数据要素演化博弈研究

基于匿名凭证与区块链的V2G网络电力交易隐私保护认证方案

支持拜占庭容错的分布式物联网访问控制机制