A journal of IEEE and CAA , publishes high-quality papers in English on original theoretical/experimental research and development in all areas of automation
Volume 8 Issue 12
Dec.  2021

IEEE/CAA Journal of Automatica Sinica

  • JCR Impact Factor: 11.8, Top 4% (SCI Q1)
    CiteScore: 17.6, Top 3% (Q1)
    Google Scholar h5-index: 77, TOP 5
Turn off MathJax
Article Contents
H. M. Lu, Y. Tang, and Y. Sun, "DRRS-BC: Decentralized Routing Registration System Based on Blockchain," IEEE/CAA J. Autom. Sinica, vol. 8, no. 12, pp. 1868-1876, Dec. 2021. doi: 10.1109/JAS.2021.1004204
Citation: H. M. Lu, Y. Tang, and Y. Sun, "DRRS-BC: Decentralized Routing Registration System Based on Blockchain," IEEE/CAA J. Autom. Sinica, vol. 8, no. 12, pp. 1868-1876, Dec. 2021. doi: 10.1109/JAS.2021.1004204

DRRS-BC: Decentralized Routing Registration System Based on Blockchain

doi: 10.1109/JAS.2021.1004204
Funds:  This work was supported by the National Natural Science Foundation of China (61601041) and the Fundamental Research Funds for the Central Universities (2019PTB-003)
More Information
  • The border gateway protocol (BGP) has become the indispensible infrastructure of the Internet as a typical inter-domain routing protocol. However, it is vulnerable to misconfigurations and malicious attacks since BGP does not provide enough authentication mechanism to the route advertisement. As a result, it has brought about many security incidents with huge economic losses. Exiting solutions to the routing security problem such as S-BGP, So-BGP, Ps-BGP, and RPKI, are based on the Public Key Infrastructure and face a high security risk from the centralized structure. In this paper, we propose the decentralized blockchain-based route registration framework-decentralized route registration system based on blockchain (DRRS-BC). In DRRS-BC, we produce a global transaction ledge by the information of address prefixes and autonomous system numbers between multiple organizations and ASs, which is maintained by all blockchain nodes and further used for authentication. By applying blockchain, DRRS-BC perfectly solves the problems of identity authentication, behavior authentication as well as the promotion and deployment problem rather than depending on the authentication center. Moreover, it resists to prefix and subprefix hijacking attacks and meets the performance and security requirements of route registration.

     

  • loading
  • [1]
    S. Murphy, BGP Security Vulnerabilities Analysis, RFC 4272, 2006.
    [2]
    O. Nordström and C. Dovrolis, “Beware of BGP attacks,” ACM SIGCOMM Comput. Commun. Rev., vol. 34, no. 2, pp. 1–8, Apr. 2004. doi: 10.1145/997150.997152
    [3]
    T. Wan and P. C. van Oorschot, “Analysis of BGP prefix origins during Google’s May 2005 outage,” in Proc. 20th IEEE Int. Parallel & Distributed Processing Symp., Rhodes, Greece, 2006.
    [4]
    R. Blog, “Con-Ed steals the net,” [Online]. Available: http://www.renesys.com/blog/2006/01/coned_steals_the_net.shtml. Accessed on: 2006.
    [5]
    R. Blog, “Pakistan hijacks YouTube,” [Online]. Available: http://www.renesys.Com/blog/2008/02/pakistan_hijiacks_youtube_1.shtml. Accessed on: 2008.
    [6]
    Sohu News, “Google accidentally hijacked BGP routes,” [Online]. Available: http://www.sohu.com/a/168006154_257305. Accessed on: Aug. 29, 2017.
    [7]
    S. Kent, C. Lynn, and K. Seo, “Secure border gateway protocol (S-BGP),” IEEE J. Sel. Areas Commun., vol. 18, no. 4, pp. 582–592, Apr. 2000. doi: 10.1109/49.839934
    [8]
    S. T. Kent, “Securing the border gateway protocol: A status update,” in Proc. 7th IFIP TC-6 TC-11 Int. Conf. Communications and Multimedia Security, Torino, Italy, 2003.
    [9]
    S. Kent, C. Lynn, J. Mikkelson, and K. Seo, “Secure border gateway protocol (S-BGP)—Real world performance and deployment issues,” in Proc. Network and Distributed System Security Symp., San Diego, USA, 2000.
    [10]
    R. White, “Securing BGP through secure origin BGP (soBGP),” Bus. Commun. Rev., vol. 33, no. 5, pp. 47–53, 2003.
    [11]
    G. Huston, M. Rossi, and G. Armitage, “Securing BGP—A literature survey,” IEEE Commun. Surv. Tut., vol. 13, no. 2, pp. 199–222, Jan. 2011. doi: 10.1109/SURV.2011.041010.00041
    [12]
    P. C. van Oorschot, T. Wan, and E. Kranakis, “On interdomain routing security and pretty secure BGP (psBNGP),” ACM Trans. Inf. Syst. Secur., vol. 10, no. 3, p. 11, Jul. 2007.
    [13]
    X. J. Hu, “Research on inter-domain routing system security,” Ph.D. dissertation, National Univ. Defense Technology, Changsha, China, 2009.
    [14]
    Y. Gilad, A. Cohen, A. Herzberg, M. Schapira, and H. Shulman, “Are we there yet? On RPKI’s deployment and security,” in Proc. NDSS Symp., San Diego, USA, 2017.
    [15]
    D. Cooper, E. Heilman, K. Brogle, L. Reyzin, and S. Goldberg, “On the risk of misbehaving RPKI authorities,” in Proc. 12th ACM Workshop on Hot Topics in Networks, College Park, USA, 2013, pp. 16.
    [16]
    E. Heilman, D. Cooper, L. Reyzin, and S. Goldberg, “From the consent of the routed: Improving the transparency of the RPKI,” ACM SIGCOMM Comput. Commun. Rev., vol. 44, no. 4, pp. 51–62, Oct. 2014.
    [17]
    H. Birge-Lee, Y. X. Sun, A. Edmundson, J. Rexford, and P. Mittal, “Bamboozling certificate authorities with BGP,” in Proc. 27th USENIX Security Symp., Baltimore, USA, 2018, pp. 833–849.
    [18]
    Q. Q. Xing, B. S. Wang, and X. F. Wang, “BGPcoin: Blockchain-based internet number resource authority and BGP security solution,” Symmetry, vol. 10, no. 9, p. 408, Sept. 2018.
    [19]
    A. Buzachis, A. Celesti, A. Galletta, M. Fazio, G. Fortino, and M. Villari, “A multi-agent autonomous intersection management (MA-AIM) system for smart cities leveraging edge-of-things and blockchain,” Inf. Sci., vol. 522, pp. 148–163, Jun. 2020. doi: 10.1016/j.ins.2020.02.059
    [20]
    G. Fortino, F. Messina, D. Rosaci, and G. M. L. Sarné, “Using blockchain in a reputation-based model for grouping agents in the internet of things,” IEEE Trans. Eng. Manage., vol. 67, no. 4, pp. 1231–1243, Nov. 2020. doi: 10.1109/TEM.2019.2918162
    [21]
    G. Fortino, F. Messina, D. Rosaci, and G. M. L. Sarne, “ResIoT: An IoT social framework resilient to malicious activities,” IEEE/CAA J. Autom. Sinica, vol. 7, no. 5, pp. 1263–1278, Sept. 2020. doi: 10.1109/JAS.2020.1003330
    [22]
    R. Casadei, G. Fortino, D. Pianini, W. Russo, C. Savaglio, and M. Viroli, “Modelling and simulation of opportunistic IoT services with aggregate computing,” Future Generat. Comput. Syst., vol. 91, pp. 252–262, Feb. 2019. doi: 10.1016/j.future.2018.09.005
    [23]
    G. R. Alam, M. M. Hassan, Z. Uddin, A. Almogren, and G. Fortino, “Autonomic computation offloading in mobile edge for IoT applications,” Future Generat. Comput. Syst., vol. 90, pp. 149–157, Jan. 2019. doi: 10.1016/j.future.2018.07.050
    [24]
    G. Fortino, D. Parisi, V. Pirrone, and G. Di Fatta, “BodyCloud: A SaaS approach for community body sensor networks,” Future Generat. Comput. Syst., vol. 35, pp. 62–79, Jun. 2014. doi: 10.1016/j.future.2013.12.015

Catalog

    通讯作者: 陈斌, bchen63@163.com
    • 1. 

      沈阳化工大学材料科学与工程学院 沈阳 110142

    1. 本站搜索
    2. 百度学术搜索
    3. 万方数据库搜索
    4. CNKI搜索

    Figures(9)  / Tables(2)

    Article Metrics

    Article views (2167) PDF downloads(144) Cited by()

    Highlights

    • The decentralized blockchain-based route registration framework can protect the origin of IP address prefix and avoid centralized structural risk.
    • DRRS-BC establishes a global network resource transaction ledge by the information of address prefixes and AS numbers between multiple organizations and ASs.
    • DRRS-BC is secure to prefix and subprefix hijacking attacks and meet the performance and security requirements of route registration.

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return