Method for BGP-LDoS Attack Detection of Inter Domain Routing System Based on the Theory of Catastrophe Equilibrium State
Author:
Affiliation:

Clc Number:

Fund Project:

National Natural Science Foundation of China (61402525, 61402526); National High Technology Research andDevelopment Program of China (863) (2012AA012902)

  • Article
  • |
  • Figures
  • |
  • Metrics
  • |
  • Reference
  • |
  • Related
  • |
  • Cited by
  • |
  • Materials
  • |
  • Comments
    Abstract:

    Inter domain routing system is a key infrastructure for the Internet. A large-scale low rate denial of service attack against BGP sessions (BGP-LDoS) can trigger a wild range of cascading failure and cause the overall paralysis of inter domain routing system. Unfortunately, the existing protection mechanisms and detection methods are not effective in detecting this type of threat originated from the system's data plane. To tackle the issue, this paper analyzes the inter domain state catastrophe process under BGP-LDoS attack, and then proposes a BGP-LDoS attack detection method based on the equilibrium state of the catastrophe theory (ESCT). Flow periodic characteristics, routing session characteristics and system forwarding packets are chosen as the detection characteristics. Based on the detection characteristics, the catastrophe model is selected and the state variables and control variables are determined. Using the collected historical data as training samples, the catastrophe function is trained in order to establish the normal and abnormal state of the equilibrium surface. Using the trained cusp catastrophe model to monitor the running state of the system, the detection of the attack is realized by utilizing the bifurcation set function to judge whether the system will jump from normal to failure. The experimental results show that this method can achieve good detection capability while only monitoring a few links and nodes. It can also provide a reliable reference for the network administrator to detect and respond to attacks in advance.

    Reference
    Related
    Cited by
Get Citation

苗甫,张连成,郭毅,王禹,王振兴.基于突变平衡态理论的BGP-LDoS攻击检测方法.软件学报,2018,29(12):3853-3867

Copy
Share
Article Metrics
  • Abstract:
  • PDF:
  • HTML:
  • Cited by:
History
  • Received:January 17,2017
  • Revised:March 10,2017
  • Adopted:
  • Online: December 05,2018
  • Published:
You are the firstVisitors
Copyright: Institute of Software, Chinese Academy of Sciences Beijing ICP No. 05046678-4
Address:4# South Fourth Street, Zhong Guan Cun, Beijing 100190,Postal Code:100190
Phone:010-62562563 Fax:010-62562533 Email:jos@iscas.ac.cn
Technical Support:Beijing Qinyun Technology Development Co., Ltd.

Beijing Public Network Security No. 11040202500063