{"title":"RoLL+:实时和准确的路由泄漏定位与AS三重特征在规模","authors":"Jiang Li;Jiahao Cao;Zili Meng;Renjie Xie;Qi Li;Yuan Yang;Mingwei Xu","doi":"10.1109/TNET.2024.3458943","DOIUrl":null,"url":null,"abstract":"Border Gateway Protocol (BGP) is the only inter-domain routing protocol that plays an important role on the Internet. However, BGP suffers from route leaks, which can cause serious security threats. To mitigate the effects of route leaks, accurate and timely route leak locating is of great importance. Prior studies leverage AS business relationships to locate route leaks in real time. However, they fail to achieve high locating accuracy. Recent studies apply machine learning to accurately detect route leaks from statistical features of massive BGP messages. Nevertheless, they have high detection latency and cannot further locate route leaks. In this paper, we propose a real-time and accurate route leak locating system named RoLL+. It leverages distinctive AS triplet features to accurately locate AS triplets with route leaks from each BGP message in real time. Considering that RoLL+ may receive a substantial volume of BGP update messages per second, we integrate a cache-like design and a lazy update mechanism into the system to effectively identify route leaks at scale. Our experimental results on real-world BGP route leak data demonstrate that it can achieve 92% locating accuracy with less than 1 ms locating latency. Furthermore, the results show that RoLL+ can process over 7,000 AS triplets per second, meeting real-world throughput requirements.","PeriodicalId":13443,"journal":{"name":"IEEE/ACM Transactions on Networking","volume":"32 6","pages":"5263-5278"},"PeriodicalIF":3.0000,"publicationDate":"2024-09-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"RoLL+: Real-Time and Accurate Route Leak Locating With AS Triplet Features at Scale\",\"authors\":\"Jiang Li;Jiahao Cao;Zili Meng;Renjie Xie;Qi Li;Yuan Yang;Mingwei Xu\",\"doi\":\"10.1109/TNET.2024.3458943\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Border Gateway Protocol (BGP) is the only inter-domain routing protocol that plays an important role on the Internet. However, BGP suffers from route leaks, which can cause serious security threats. To mitigate the effects of route leaks, accurate and timely route leak locating is of great importance. Prior studies leverage AS business relationships to locate route leaks in real time. However, they fail to achieve high locating accuracy. Recent studies apply machine learning to accurately detect route leaks from statistical features of massive BGP messages. Nevertheless, they have high detection latency and cannot further locate route leaks. In this paper, we propose a real-time and accurate route leak locating system named RoLL+. It leverages distinctive AS triplet features to accurately locate AS triplets with route leaks from each BGP message in real time. Considering that RoLL+ may receive a substantial volume of BGP update messages per second, we integrate a cache-like design and a lazy update mechanism into the system to effectively identify route leaks at scale. Our experimental results on real-world BGP route leak data demonstrate that it can achieve 92% locating accuracy with less than 1 ms locating latency. Furthermore, the results show that RoLL+ can process over 7,000 AS triplets per second, meeting real-world throughput requirements.\",\"PeriodicalId\":13443,\"journal\":{\"name\":\"IEEE/ACM Transactions on Networking\",\"volume\":\"32 6\",\"pages\":\"5263-5278\"},\"PeriodicalIF\":3.0000,\"publicationDate\":\"2024-09-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE/ACM Transactions on Networking\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/10691928/\",\"RegionNum\":3,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE/ACM Transactions on Networking","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10691928/","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
RoLL+: Real-Time and Accurate Route Leak Locating With AS Triplet Features at Scale
Border Gateway Protocol (BGP) is the only inter-domain routing protocol that plays an important role on the Internet. However, BGP suffers from route leaks, which can cause serious security threats. To mitigate the effects of route leaks, accurate and timely route leak locating is of great importance. Prior studies leverage AS business relationships to locate route leaks in real time. However, they fail to achieve high locating accuracy. Recent studies apply machine learning to accurately detect route leaks from statistical features of massive BGP messages. Nevertheless, they have high detection latency and cannot further locate route leaks. In this paper, we propose a real-time and accurate route leak locating system named RoLL+. It leverages distinctive AS triplet features to accurately locate AS triplets with route leaks from each BGP message in real time. Considering that RoLL+ may receive a substantial volume of BGP update messages per second, we integrate a cache-like design and a lazy update mechanism into the system to effectively identify route leaks at scale. Our experimental results on real-world BGP route leak data demonstrate that it can achieve 92% locating accuracy with less than 1 ms locating latency. Furthermore, the results show that RoLL+ can process over 7,000 AS triplets per second, meeting real-world throughput requirements.
期刊介绍:
The IEEE/ACM Transactions on Networking’s high-level objective is to publish high-quality, original research results derived from theoretical or experimental exploration of the area of communication/computer networking, covering all sorts of information transport networks over all sorts of physical layer technologies, both wireline (all kinds of guided media: e.g., copper, optical) and wireless (e.g., radio-frequency, acoustic (e.g., underwater), infra-red), or hybrids of these. The journal welcomes applied contributions reporting on novel experiences and experiments with actual systems.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
