Research on Blockchain-Based Inter-Domain Routing Security Enhancement

WANG Qun, LI Fujuan, NI Xueli, XIA Lingling, MA Zhuo

doi:10.3778/j.issn.1673-9418.2407065

Jisuanji kexue yu tansuo (Dec 2024)

Research on Blockchain-Based Inter-Domain Routing Security Enhancement

WANG Qun, LI Fujuan, NI Xueli, XIA Lingling, MA Zhuo

Affiliations

WANG Qun, LI Fujuan, NI Xueli, XIA Lingling, MA Zhuo: 1. Department of Computer Information and Cybersecurity，Jiangsu Police Institute, Nanjing 210031, China 2. Jiangsu Electronic Data Forensics and Analysis Engineering Research Center, Nanjing 210031, China 3. National Key Laboratory for Novel Software Technology, Nanjing University, Nanjing 210023, China

DOI: https://doi.org/10.3778/j.issn.1673-9418.2407065
Journal volume & issue: Vol. 18, no. 12
pp. 3144 – 3174

Abstract

Read online

The border gateway protocol (BGP) is currently the de facto interdomain routing standard in the Internet, with its security based on the authenticity and integrity of autonomous systems (AS) identities and paths. However, BGP itself lacks intrinsic security mechanisms, and its security issues have garnered significant attention. Blockchain, as an innovative technology for building a new generation of information infrastructure, can establish a distributed multi-party trust system in an open Internet environment. It offers technical solutions to the issues and challenges encountered in traditional BGP security enhancement. According to technology development and security iteration, this paper categorizes the BGP security enhancement into three progressive stages: the theoretical exploration stage represented by secure border gateway protocol (S-BGP), the practical application stage with resource public key infrastructure (RPKI) as the security foundation, and the innovative development stage with the blockchain technology. Firstly, this paper analyzes the vulnerabilities in BGP routing propagation methods and routing policies, along with three typical security threats: prefix hijacking, path spoofing, and route leaks. Next, traditional BGP security enhancement techniques and research context are reviewed, with a particular focus on proactive defense and anomaly detection mechanisms to counter erroneous route announcement attacks. Then, following a brief introduction to the fundamental principles of blockchain technology, the paper explores the implementation concepts, paths, and methods of blockchain-based BGP security enhancements, utilizing the blockchain’s characteristics of decentralization, tamper resistance, traceability, and distributed deployment. Finally, the challenges faced in BGP security enhancement with blockchain technology are discussed, and future research directions are outlined.

border gateway protocol; security enhancement; blockchain; resource public key infrastructure; route attestation

Published in Jisuanji kexue yu tansuo

ISSN: 1673-9418 (Print)
Publisher: Journal of Computer Engineering and Applications Beijing Co., Ltd., Science Press
Country of publisher: China
LCC subjects: Science: Mathematics: Instruments and machines: Electronic computers. Computer science
Website: http://fcst.ceaj.org

About the journal

Abstract

Keywords