域間路由系統(tǒng)級聯(lián)失效下的目標失效鏈路定位方法研究
doi: 10.11999/JEIT200008
-
1.
戰(zhàn)略支援部隊信息工程大學 鄭州 450001
-
2.
國家數(shù)字交換系統(tǒng)工程技術(shù)研究中心 鄭州 450001
基金項目: 國家自然科學基金(61502528)
Research on Target Failure Link Location Method in Inter-domain Routing System Cascading Failure
-
1.
Information Engineering University, Zhengzhou 450001, China
-
2.
National Digital Switching System Engineering & Technological Research Center, Zhengzhou 450001, China
Funds: The National Natural Science Foundation of China (61502528)
-
摘要: 協(xié)同跨平面會話中斷攻擊(CXPST)通過反復(fù)對多條目標關(guān)鍵鏈路實施低速率拒絕服務(wù)攻擊(LDoS)造成域間路由系統(tǒng)的級聯(lián)失效,從而導(dǎo)致互聯(lián)網(wǎng)的崩潰。在攻擊發(fā)生的初期,準確定位受攻擊的關(guān)鍵鏈路并進行針對性防御可遏制級聯(lián)失效的發(fā)生?,F(xiàn)有定位方法研究主要基于單源假設(shè),沒有考慮多條目標鏈路同時失效對路徑撤回的影響,定位準確度受限。針對上述問題,該文提出一種基于加權(quán)統(tǒng)計匹配得分的多失效鏈路定位方法(WSFS),以級聯(lián)失效攻擊目標鏈路選擇策略作為推斷基礎(chǔ),將撤銷路徑長度的倒數(shù)作為權(quán)重對評分進行加權(quán)?;趯嶋H網(wǎng)絡(luò)拓撲和有利點位置的級聯(lián)失效攻擊仿真實驗結(jié)果表明,WSFS比目前最優(yōu)方法平均準確率可提升5.45%。實驗結(jié)果證明WSFS相比于其他定位方法更適合應(yīng)對域間路由系統(tǒng)級聯(lián)失效下的目標失效鏈路定位問題。
-
關(guān)鍵詞:
- 多失效鏈路定位 /
- 域間路由系統(tǒng) /
- 級聯(lián)失效 /
- 路徑長度加權(quán)
Abstract: Coordinated Cross Plane Session Termination (CXPST) repeatedly implements Low rate Denial of Service (LDoS) attacks on multiple target critical links, causing the cascading failure of the inter-domain routing system and the collapse of the internet. In the early stages of an attack, accurately locating the critical link under attack and carrying out targeted defense can prevent the occurrence of cascading failures. The research on existing locating methods is mainly based on the single-source hypothesis, and does not consider the impact of simultaneous failure of multiple target links on path withdrawal, so the locating accuracy is limited. To solve the above problems, a locating method is proposed based on Weighted Statistical Fit Score (WSFS). Using the target link selection strategy of cascading failure attack as inferring basis, scores are weighted by the reciprocal of the length of the withdrawal paths. The simulation results based on the actual network topology and vantage point location show that WSFS can improve the average accuracy rate by 5.45% compared with the current optimal method. Experimental results prove that WSFS is more suitable for locating target failure links in inter-domain routing system cascading failure than other locating methods. -
REKHTER Y, LI T, and HARES S. IETF RFC 4271 A border gateway protocol 4 (BGP-4)[S]. 2006. SERMPEZIS P, KOTRONIS V, DAINOTTI A, et al. A survey among network operators on BGP prefix hijacking[J]. ACM SIGCOMM Computer Communication Review, 2018, 48(1): 64–69. doi: 10.1145/3211852.3211862 BUTLER K, MCDANIEL P, and AIELLO W. Optimizing BGP security by exploiting path stability[C]. The 13th ACM Conference on Computer and Communications Security, Alexandria, USA, 2006: 298–310. SCHUCHARD M, THOMPSON C, HOPPER N, et al. Taking routers off their meds: Why assumptions of router stability are dangerous[C]. The 19th Network and Distributed System Security Symposium, San Diego, USA, 2012. DENG Wenping, ZHU Peidong, LU Xicheng, et al. On Evaluating BGP routing stress attack[J]. Journal of Communications, 2010, 5(1): 13–22. SCHUCHARD M, MOHAISEN A, FOO KUNE D, et al. Losing control of the internet: Using the data plane to attack the control plane[C]. The 17th ACM Conference on Computer and Communications Security, Chicago, USA, 2010: 726–728. LI Heshuai, ZHU Junhu, QIU Han, et al. The new threat to internet: DNP attack with the attacking flows strategizing technology[J]. International Journal of Communication Systems, 2015, 28(6): 1126–1139. doi: 10.1002/dac.2748 ZHANG Ying, MAO Z M, WANG J. Low-Rate TCP-targeted DoS attack disrupts internet routing[C]. 2007 Network and Distributed System Security Symposium, San Diego, USA, 2007. 鄭皓, 陳石, 梁友. 關(guān)于“數(shù)字大炮”網(wǎng)絡(luò)攻擊方式及其防御措施的探討[J]. 計算機研究與發(fā)展, 2012, 49(S1): 69–72.ZHENG Hao, CHEN Shi, and LIANG You. How the cyber weapon “Digital Ordnance” works and its precautionary measures[J]. Journal of Computer Research and Development, 2012, 49(S1): 69–72. 邱菡, 李玉峰, 蘭巨龍, 等. 域間路由系統(tǒng)的級聯(lián)失效攻擊及檢測研究[J]. 中國科學: 信息科學, 2017, 47(12): 1715–1729. doi: 10.1360/N112016-00259QIU Han, LI Yufeng, LAN Julong, et al. Research on cascading failure attack and detection of inner-domain routing system[J]. Scientia Sinica Informationis, 2017, 47(12): 1715–1729. doi: 10.1360/N112016-00259 QIU Han, ZHU Huihu, LI Yufeng, et al. FD-SP: A method for predicting cascading failures of inter-domain routing system[C]. The 4th IEEE International Conference on Computer and Communications (ICCC), Chengdu, China, 2018: 290–295. GUO Yi, DUAN Haixin, CHEN Jikun, et al. MAF-SAM: An effective method to perceive data plane threats of inter domain routing system[J]. Computer Networks, 2016, 110: 69–78. doi: 10.1016/j.comnet.2016.09.017 ZHANG Mingwei, LI Jun, and BROOKS S. I-Seismograph: Observing, measuring, and analyzing internet earthquakes[J]. IEEE/ACM Transactions on Networking, 2017, 25(6): 3411–3426. doi: 10.1109/TNET.2017.2748902 ZENG Ziyi, ZHU Junhu, QIU Han, et al. SM-RC: A new security measurement method for inter-domain routing system[J]. IEEE Access, 2019, 7: 108189–108199. doi: 10.1109/ACCESS.2019.2927712 CAESAR M, SUBRAMANIAN L, and KATZ R H. Towards localizing root causes of BGP dynamics[R]. UCB/CSD-04-1302, 2003. FELDMANN A, MAENNEL O, MAO Z M, et al. Locating Internet routing instabilities[J]. ACM SIGCOMM Computer Communication Review, 2004, 34(4): 205–218. doi: 10.1145/1030194.1015491 JAVED U, CUNHA I, CHOFFNES D, et al. PoiRoot: Investigating the root cause of interdomain path changes[J]. ACM SIGCOMM Computer Communication Review, 2013, 43(4): 183–194. doi: 10.1145/2534169.2486036 GLASS K, COLBAUGH R, and PLANCK M. Automatically identifying the sources of large Internet events[C]. 2010 IEEE International Conference on Intelligence and Security Informatics, Vancouver, Canada, 2010: 108–113. VENTORIM COMARELA G. On the dynamics of interdomain routing in the Internet[D]. [Ph. D. dissertation], Boston University, 2017. HOLTERBACH T, VISSICCHIO S, DAINOTTI A, et al. Swift: Predictive fast reroute[C]. 2017 Conference of the ACM Special Interest Group on Data Communication, Los Angeles, USA, 2017: 460–473. CAIDA. BGP AS links[EB/OL]. http://as-rank.caida.org. RIPE. RIS raw data[EB/OL]. https://www.ripe.net/analyse/internet-measurements/routing-information-service-ris/ris-raw-data, 2019. -