Determination of components of route hijack risk by Internet connections topology analysis
Keywords: global routing, Internet, route hijacking, routing model, cybersecurity, risk assessment
The ability to dynamically change routes between nodes that are not physically connected is a key feature of Internet routing. The exterior gateway protocol BGP-4 was developed to deliver this feature, along with the policies and procedures of inter-domain routing. Developed for a network of hundreds of nodes that rely on information from each other, BGP-4 is still the same decades later, with tens of thousands of nodes and its crucial lack of routing data integrity. Among the most significant problems deriving from its weaknesses are route leaks and route hijacks. None of the proposed and partially implemented upgrades and add-ons, such as MANRS and RPKI, can deliver reliable defense against those types of attacks. In this paper, an approach to risk assessment via analysis of internetworking links is developed. Although modern information security is based on risk management, this paper proposes to mitigate route hijack risks by enhancing the link topology. Estimating the risk of route hijack requires quantitative measurement of the impact of an attack on routing distortion and, therefore, of the loss from an information security breach. For this assessment, this paper proposes to use knowledge of the features of the Internet topology at the layer of global routing, which is determined by the interaction of autonomous systems (groups of subnets under common control) according to the routing protocol BGP-4. Based on our formal representation of IP routing, the relationship between topology and the risk of route hijack is shown. A new approach to quantifying information risk is proposed, using a new risk-oriented model of global routing that reflects the properties of Internet nodes in terms of the risk of route hijack.
Copyright (c) 2020 Information Technology and Security
This work is licensed under a Creative Commons Attribution 4.0 International License.