| 下一代互联网域间路由安全:威胁与对策 |
| |
| 引用本文: | 米强,杜秀春,蔡开裕,刘欣.下一代互联网域间路由安全:威胁与对策[J].计算机工程与科学,2006,28(5):5-7. |
| |
| 作者姓名: | 米强 杜秀春 蔡开裕 刘欣 |
| |
| 作者单位: | 1. 国家计算机网络与信息安全管理中心,北京,100029
2. 国防科技大学计算机学院,湖南,长沙,410073 |
| |
| 基金项目: | 中国科学院资助项目;国家科技攻关项目 |
| |
| 摘 要: | 基于BGP的域间路由系统是下一代互联网的关键基础设施.本文系统地分析了下一代互联网域间路由系统的脆弱性,建立了下一代互联网域间路由的攻击模型对各种攻击目标和攻击方式进行描述,并从多个层次对BGP-4和BGP4+的安全能力进行分析与比较.此外,我们给出了路由攻击检测系统方案,该方法可有效实现域间路由系统的安全控制
|
| 关 键 词: | 域间路由 下一代互联网 安全 攻击检测 |
| 文章编号: | 1007-130X(2006)05-0005-03 |
| 修稿时间: | 2004年11月3日 |
Next Generation Internet's Inter-Domain Routing Security:Threats and Countermeasures |
| |
| MI Qiang,DU Xiu-chun,CAI Kai-yu,LIU Xin.Next Generation Internet''''s Inter-Domain Routing Security:Threats and Countermeasures[J].Computer Engineering & Science,2006,28(5):5-7. |
| |
| Authors: | MI Qiang DU Xiu-chun CAI Kai-yu LIU Xin |
| |
| Abstract: | The BGP-based inter-domain routing system is the infrastructure of NGI (Next Generation Internet). There are serious security threats in the BGP routing system. This paper first analyzes the vulnerability of the inter-domain routing system of NGI,presents an attack model towards inter-domain routing which describes certain attack goals and various attack modes, and compares between BGP-4 and BGP4+ on security capabilities in view of the protocol hierarchy. We propose a detection scheme for routing attacks, which can effectively achieve the inter-domain routing security of NGI. |
| |
| Keywords: | inter-domain routing NGI (Next Generation Internet) security routing attack detection |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程与科学》浏览原始摘要信息 |
|
点击此处可从《计算机工程与科学》下载全文 |
|
