Design And Implementation Of Inter-domain Routing Security Detection System Based On As Alliance

In today’s society,the Internet has become an indispensable and important infrastructure.As more companies and organizations join the Internet,the scale and complexity of the network continue to increase.The internal networks of these companies and organizations are collectively referred to as Autonomous Systems(AS)or domains.However,route hijacking attacks on Internet ASs have occurred repeatedly,causing great impact on network service quality,even causing service interruption,and causing serious social impact and economic losses.Therefore,measures are urgently needed to protect the IP resources of Internet ASs,and to prevent illegal use or malicious attacks.The existing inter domain routing security detection ensures inter domain routing security by detecting various routing anomalies and notifying them in a timely manner.The control plane based detection method has good real-time performance,but its accuracy depends on the effectiveness of the knowledge base.The data plane based detection method has high accuracy,but there are delays and hardware deployment issues.The AS alliance is an alliance relationship formed through negotiation and cooperation among multiple ASs,which can participate in network security monitoring,detect malicious routing attacks,ensure the safe propagation,monitoring,and maintenance of routes,and further improve network security.Therefore,introducing the AS alliance can promote the development and innovation of network protocols,improve network security performance and security response ability,and provide better network services and guarantees for users.This paper designs and implements a domain inter-routing security detection method based on AS alliances.By constructing AS alliances and realizing information sharing among alliance members,combined with publicly available BGP monitoring data in the Internet,domain inter-routing security detection is completed to improve the detection efficiency of BGP route hijacking events.The work of this paper is mainly divided into three parts.First,a construction plan for the AS alliance and a method for selecting key nodes are designed,and based on this,a routing security detection mechanism based on the AS alliance is designed.Based on the proposed routing security detection mechanism,a domain inter-routing security detection system based on the AS alliance is designed and implemented,including data collection module,data storage module,information extraction module,security detection module,and information display module,and the design of database tables is completed.Finally,a domain inter-routing security detection system is designed and implemented,which can effectively monitor domain inter-routing hijacking events in real-time through the construction of an alliance knowledge base and alliance-based detection,record detailed information of hijacking events,display events that users care about,and provide configuration interfaces.By comparing the experimental results with existing detection systems,the reliability of the system is verified,and effective detection data is provided to users.