胡宁,邹鹏,朱培栋.基于信誉机制的域间路由安全协同管理方法.软件学报,2010,21(3):505-515 |
基于信誉机制的域间路由安全协同管理方法 |
Reputation-Based Collaborative Management Method for Inter-Domain Routing Security |
投稿时间:2007-12-07 修订日期:2008-10-06 |
DOI: |
中文关键词: 域间路由 安全管理 信誉 协同 自组织 |
英文关键词:inter-domain routing security management reputation collaborative self-organize |
基金项目:Supported by the National High-Tech Research and Development Plan of China under Grant No.2008AA01A325 (国家高技术研究发展计划(863)); the National Natural Science Foundation of China Grant No.60873214 (国家自然科学基金) |
|
摘要点击次数: 5003 |
全文下载次数: 4520 |
中文摘要: |
如何抑制虚假路由的传播和恶意路由行为的发生,是域间路由安全管理的重要研究内容,对自治系统路由行为进行可信性评价和监督是其中的关键技术.设计了一种用于评价自治系统路由行为可信性的分布式协同信誉机制.该机制基于历史路由的有效性统计结果,采用后验概率分析的方法,由多个自治系统按照自组织协同的方式完成对目标自治系统的信誉计算,并将信誉计算结果作为度量该自治系统路由行为可信性的依据.实验结果表明,该机制能够抑制不良路由行为,有效提高域间路由系统的总体安全性,还能够为路由可信性分析和故障诊断提供依据,支持渐进式部署, |
英文摘要: |
The main topic of inter-domain routing security management is how to suppress the propagation of untrustworthy routes and malicious routing behaviors. Supervising and evaluating autonomous system’s (AS)routing behaviors is a key technology in this topic. This paper designs a distributed collaborative reputation mechanism of trustworthiness evaluation for AS’s routing behaviors. The mechanism takes in the statistical results on routing trustworthiness published by AS, uses a self-organizing method, employs posterior probability analysis,and finally calculates a reputation score for a particular AS. The score will be used as a metric on the trustworthiness of the routing information that AS propagates or announces afterwards. In simulations, this reputation mechanism has been shown to effectively contain AS’s bad behaviors, and hence improve the overall security of the inter-domain system. The reputation mechanism designed in this research supplies a reference to evaluation and analysis of AS’s routing behaviors. It has the following features: It supports incremental deployment.It needn’t modify the BGP protocol, so it is easy to be implemented. |
HTML 下载PDF全文 查看/发表评论 下载PDF阅读器 |