Region-Based BGP Announcement Filtering for Improved BGP Security

Free registration required

Executive Summary

BGP prefix hijacking is a serious security threat on the Internet. In this paper, the authors propose a Region-based BGP announcement Filtering scheme (RBF) to improve the BGP security. In contrast to existing solutions that indifferently prevent or detect prefix hijacking attacks, RBF enables differentiated AS and prefix filtering treatment and blends prefix hijacking prevention with deterrence. RBF is a light-weight BGP security scheme that provides strong incremental deployment incentive and better prefix hijacking deterrence. Experimental studies based on real Internet numbers allocation information and BGP traces show that RBF is a feasible and effective scheme in improving BGP security.

  • Format: PDF
  • Size: 310.1 KB