Research On BGP Security Based On Trust Mechanism

Border Gateway Protocol(BGP)is an inter-domain routing protocol between autonomous systems that has the ability to transmit network reachability information from different autonomous systems.As a pivotal protocol for Internet information transmission,although the BGP protocol can quickly and easily connect autonomous domains belonging to different regulatory agencies to form a huge Internet,the inter-domain routing protocol blindly trusts the routing advertisements of any autonomous system and is vulnerable to malicious attacks.The false message is further propagated to the entire network,which causes the victim network to be interrupted,the outside world to be inaccessible,and the huge data stream to be introduced into the "black hole."Drawing on the research results in other fields,the trust mechanism is applied to BGP security protection,and a complete credibility evaluation system for inter-domain routing behavior can avoid this problem.Based on the BGP abnormal behavior detection data,this paper conducts the trust calculation of inter-domain routing,and proposes a predictive trust evaluation model that combines direct trust and indirect reputation.Based on this trust model,the existing BGP path selection scheme is improved,and a BGP path selection scheme based on the path trust value is proposed.The BGP trust calculation model proposed in this paper is predictable and the trust fluctuations conforms to the characteristics of human social trust fluctuations.The trust model combines direct trust with indirect reputation to make the calculated value of trust more reasonable and accurate.In the direct trust process,it is possible to discuss and calculate separately for different attack forms and introduce a time decay function and a penalty factor to make the trust evaluation value more reasonable.In the process of indirect reputation calculation,this paper proposes a collaborative filtering method suitable for BGP trust evaluation,which selectively adopts the reputation recommendation information of the neighboring autonomous domain system to avoid malicious recommendation attacks and joint malicious recommendation attacks.This BGP routing strategy is the existing BGP routing scheme is improved,the trust policy path calculation steps added to an existing inter-domain routing routing method,make the trust evaluation index become one of the standard of inter-domain routing protocol routing,which can contain false inter-domain routing the production and propagation of cheating,make false routing information will not be adopted by other inter-domain routing nodes.The experimental results show that the trust calculation model proposed in this paper is accurate and can resist different forms of false recommendation attacks,and can select the best trust path to further suppress the message generation and propagation of false nodes.This paper deals with various forms of attacks that exist when inter-domain routing protocols propagate network reachability information.Based on the analysis of the existing trust model and the characteristics of inter-domain routing information dissemination,a more practical single-domain routing node computing model and a more effective inter-domain routing trust path computing strategy are proposed.These calculations can provide effective guidance for inter-domain routing decisions,and at the same time prevent the propagation of malicious notifications between inter-domain routes.It provides strong support for the normal operation of inter-domain routing systems in the Internet and the safe business operations of enterprises.