Proceedings Article10.1109/ICCC47050.2019.9064462
DSA-NIE: Double Static Attributes Based Node Importance Evaluation of Inter-Domain Routing System
Huihu Zhu,Han Qiu,Junhu Zhu,Qingxian Wang +3 more
- 01 Dec 2019
1
TL;DR: The relationship between static structural attributes and dynamic attributes after node failure is analyzed and it is found that the degree can indirectly reflect the impact of the UPDATE packet propagation and the number of routing paths can reflect theimpact caused by load redistribution.
read more
Abstract: Assessing the importance of AS nodes is important for the protection of inter-domain routing system security. However, the existing literature on node importance evaluation methods based on static attributes are difficult to accurately characterize nodes. And which based on dynamic attributes have high time complexity. To address these problems, we analyze the relationship between static structural attributes and dynamic attributes after node failure. It is found that the degree can indirectly reflect the impact of the UPDATE packet propagation and the number of routing paths can reflect the impact caused by load redistribution. And then, we build static attribute characterization model of node failure effect. After that an evaluation method DSA-NIE is put forward. Given the two static attributes, DSA-NIE could effectively assessment of the importance of nodes. When compared with SD-KNI algorithm, the time complexity has been reduced to O(lmn). And the experiment result shows that the failure effect of the key nodes assessed by the DSA-NIE is 7.4% higher than the average, and up to 12.9% higher.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
Reinforcement Learning based Attack Timing Optimization in Inter-domain Networks
Yibing Weng,Yunsheng Guo,Yu Gu +2 more
- 04 Aug 2023
TL;DR: A practical dynamic network model with session state transition and recovery mechanisms to simulate real networking conditions and proves that the attack timing optimization under this dynamic model is an NP-hard problem, and proposes a Deep Q-Network (DQN) based attack timing scheduling solution to maximize the network failure effect.
References
A Survey of BGP Security Issues and Solutions
Kevin R. B. Butler,T.R. Farley,Patrick McDaniel,Jennifer Rexford +3 more
- 01 Jan 2010
TL;DR: This paper considers the current vulnerabilities of the interdomain routing system and surveys both research and standardization efforts relating to BGP security, exploring the limitations and advantages of proposed security extensions to B GP, and explaining why no solution has yet struck an adequate balance between comprehensive security and deployment cost.
A Survey of BGP Security Issues and Solutions The Border Gateway Protocol (BGP) controls much of Internet traffic, but is vulnerable to communications interruptions and failures; finding suitable improved security measures with acceptable costs is difficult.
Kevin Butler,Toni R. Farley,Patrick McDaniel,Jennifer Rexford +3 more
- 01 Jan 2010
TL;DR: The limitations and advantages of proposed security extensions to BGP, and why no solution has yet struck an adequate balance betweencomprehensive security anddeployment cost as discussed by the authors.
282
SPIFFY: Inducing Cost-Detectability Tradeoffs for Persistent Link-Flooding Attacks.
Min Suk Kang,Virgil D. Gligor,Vyas Sekar +2 more
- 01 Jan 2016
TL;DR: A software-defined network (SDN) based system called SPIFFY is designed that addresses key practical challenges in turning this high-level idea into a concrete defense mechanism, and provides a practical solution to force a tradeoff between cost vs. detectability for linkflooding attacks.
115
Losing control of the internet: using the data plane to attack the control plane
Max Schuchard,Abedelaziz Mohaisen,Denis Foo Kune,Nicholas Hopper,Yongdae Kim,Eugene Y. Vasserman +5 more
- 04 Oct 2010
TL;DR: A distributed denial of service attack that attacks the control plane of the Internet by carefully choosing BGP sessions to terminate generates a surge of BGP updates that are seen by nearly all core routers on the Internet.
A Survey among Network Operators on BGP Prefix Hijacking
Pavlos Sermpezis,Vasileios Kotronis,Alberto Dainotti,Xenofontas Dimitropoulos +3 more
- 27 Apr 2018
TL;DR: In this article, the authors present the results of a survey among 75 network operators to study: (a) the operators' awareness of BGP prefix hijacking attacks, (b) presently used defenses (if any), and (c) the willingness to adopt new defense mechanisms, and (d) reasons that may hinder the deployment of prefix-hijacking defenses.
77