Efficient Techniques for Detecting False Origin Advertisements in
Inter-domain Routing
Sophie Qiu
Department of Computer Science
Johns Hopkins University
Abstract
The Border Gateway Protocol (BGP), and hence the Internet, remains
critically vulnerable to a range of prefix forgery attacks. We address
these attacks by proposing a non-cryptographic, incrementally deployable
mechanism to probabilistically detect forged BGP origin advertisements.
Upon receiving an advertisement from a ``suspicious'' origin, the
receiving domain intelligently probes other ASes about the received
information. Any dissenting information indicates potential forgery or
error, and is reported by the polled ASes to the true origin and processed
appropriately. In this design, we exploit the fact that the highly
connected AS topology makes it difficult to block the dissemination of
information as it traverses the Internet. We evaluate the effectiveness
of our probing mechanism via simulation on realistic Internet topologies.
The experiments show that 98% of forgeries can be detected even when as
few as 10% of the ASes participate in the protocol under a naive polling
stratagem. Moreover, we show that judicious node selection can further
improve detection rates while minimizing the number of probes.