Failure Isolation based Defense against Internet CXPST-like Attack

Provided by: Science & Engineering Research Support soCiety (SERSC)
Topic: Security
Format: PDF
Attacking on inter-domain routing system degrades the availability and performance of Internet severely. It is challenge to defend against the extreme attacks which exhaust the resources of routers by generating a great number of update messages. In this paper, the authors propose two mechanisms to protect Internet from such attacks: to isolate attacks in local region, unnecessary updates are suppressed without affecting the correctness of routing; to break down the route flapping which repeatedly generates updates, the paths selected are validated to detour the attacked links, which diffuses the deliberately attacks to random attacks.

Find By Topic