To address inter-domain routing man-in-the-middle attacks, a new threat to inter-domain routing security, this paper establishes an attack model and analyzes the anomalous characteristics the attack produces in the routing control plane and the data plane, and then proposes a real-time detection system for inter-domain routing man-in-the-middle attacks. The system first discovers suspicious anomalous routes through control-plane anomaly monitoring, then probes the data-plane forwarding path to determine whether the anomaly is an inter-domain routing man-in-the-middle attack. Test results from deployment in a real network show that the system is lightweight and can effectively detect possible inter-domain routing man-in-the-middle attacks in real time.
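The two-stage flow described in the abstract can be sketched as follows. This is an added illustration, not the paper's system: the anomaly heuristics, function names, AS numbers, prefix and the `probe` callback (assumed to return an AS-level forwarding path already mapped from traceroute hops) are all assumptions.

```python
# Added illustration: control-plane check first, data-plane probe only on anomaly.
# Heuristics, names and all sample data are assumptions, not the paper's design.

BASELINE = {  # constructed: known-good AS paths per monitored prefix
    "203.0.113.0/24": [[64500, 64510, 64520], [64501, 64510, 64520]],
}

def control_plane_anomalies(prefix, as_path):
    """Stage 1: unseen AS links, plus (asn, None) for an unexpected origin."""
    paths = BASELINE[prefix]
    seen = {link for p in paths for link in zip(p, p[1:])}
    origins = {p[-1] for p in paths}
    # Collapse AS-path prepending so repeated ASNs do not form self-links.
    path = [a for i, a in enumerate(as_path) if i == 0 or a != as_path[i - 1]]
    anomalies = [link for link in zip(path, path[1:]) if link not in seen]
    if path and path[-1] not in origins:
        anomalies.append((path[-1], None))
    return anomalies

def data_plane_verdict(prefix, hops, reached):
    """Stage 2: classify a probed AS-level forwarding path."""
    if not reached:
        # Blackhole or outage: traffic is dropped, not relayed.
        return ("traffic_not_delivered", [])
    known = {a for p in BASELINE[prefix] for a in p}
    detour = [a for a in hops if a not in known]
    # Traffic still arrives but crosses an unfamiliar AS: relay pattern.
    if detour:
        return ("mitm_suspected", detour)
    return ("forwarding_unchanged", [])

def detect(prefix, as_path, probe):
    """Probe the data plane only when stage 1 flags the announcement."""
    if prefix not in BASELINE:
        return ("unmonitored", [])
    if not control_plane_anomalies(prefix, as_path):
        return ("normal", [])
    hops, reached = probe(prefix)
    return data_plane_verdict(prefix, hops, reached)
```

Because `probe` runs only after a control-plane anomaly, ordinary announcements cost no active measurement.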