
Improved BGP TCP proposals for BGP SYN Attack defeating (BGP SYN Attack 차단을 위한 개선된 BGP TCP 제안)

  • Park, Myoung-Jong;Lee, Hee-Jo
    • Proceedings of the Korea Information Processing Society Conference / 2012.11a / pp.873-876 / 2012
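  • BGP, specified in RFC 4271, is a protocol used to deliver routing information efficiently in large-scale networks. Because BGP runs over TCP port 179, it is exposed to the security threats inherent in TCP/IP. The BGP security threats include AS-PATH attacks, IP hijacking attacks, and BGP neighbor attacks, most of which can be defended against with the router's own security settings, but BGP remains vulnerable to the BGP SYN attack. A BGP SYN attack directly targets routers running BGP, rather than hosts or servers, and exhausts the router's TCP or BGP-related resources; this tears down existing legitimate BGP sessions or prevents new BGP sessions from being established, ultimately disrupting BGP routing information and potentially paralyzing the network. To block the BGP SYN attack, this paper proposes an improved BGP TCP structure that uses as a key the BGP neighbor password configured for stable BGP connections between neighboring routers.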

Current Status and Challenges of BGP Hijacking Security Threat (BGP 하이재킹 보안 위협 대응 현황 및 과제)

  • Han, Wooyoung;Hong, Yunseok
    • Journal of the Korea Institute of Information and Communication Engineering / v.26 no.10 / pp.1525-1530 / 2022
  • BGP (Border Gateway Protocol) is a routing protocol that is actively used for inter-AS routing on the Internet. However, the BGP routing protocol is vulnerable to BGP hijacking attacks, which hijack the network by impersonating normal BGP sessions. BGP hijacking attacks can lead to interception of IP traffic or interference with normal service operation. Recently, BGP hijacking attacks, which have often occurred overseas, have also occurred in Korea. This threatens the security of the Internet. In this paper, we analyze the overall attack process through representative attack cases and virtual scenarios of BGP hijacking, and analyze how widely Korean and major global ISPs have applied security technology to prevent BGP hijacking attacks. Based on these results, the paper presents the technical measures that ISPs and autonomous system operators should take to defend against BGP hijacking attacks.

A Three-Tier BGP Backup Routing (3단 BGP 백업 라우팅)

  • Suh, Chang-Jin
    • Journal of KIISE:Information Networking / v.32 no.6 / pp.745-752 / 2005
  • BGP is a unique routing protocol in the broadband Internet. It chooses routing paths considering the Internet hierarchy and local policies. Because BGP routers selectively forward routing information to a subset of neighboring BGP routers, connectivity through a series of links between source and destination nodes does not imply reachability of routing information between the two. In an emergency, when BGP routers or links over a wide area are unavailable, BGP routers have to use links that are not normally used in order to maintain reachability. This paper lists the requirements for BGP backup routing and proposes a routing solution that avoids most of the drawbacks of previously published ones. The proposed backup operates in three tiers according to the extent of network damage. Under this rule, BGP routers use tier-0 routing paths under normal conditions. If networks are impaired, they choose tier-1 paths. If networks are seriously damaged, tier-2 paths are allowed. This paper also proves that the proposed backup guarantees stability and safety. As a result, the proposed backup adapts well to light network damage as well as serious damage and provides strong routing reachability at all times.

An Improved BGP Routing Algorithm for End-to-End Traffic Engineering (BGP에서의 End-to-End 트래픽 엔지니어링 방안)

  • Kong, Hyon-Min;Kwon, Young-Mi
    • Journal of the Institute of Electronics Engineers of Korea TC / v.45 no.3 / pp.46-52 / 2008
  • BGP is an exterior routing protocol that exchanges routing information between ASs in ISP or large networks. For end-to-end traffic engineering capability in the Internet, BGP needs to provide traffic enforcement among ASs. However, traditional BGP-4 lacks end-to-end traffic engineering capability because policy-based routing affects traffic only between directly connected neighbor ASs. This paper proposes an extended BGP routing algorithm to achieve end-to-end traffic engineering capability. The new method does not require an additional BGP message type, nor does it change the structure of the existing routing table. It only extends the operation of the UPDATE message with the AS_PATH attribute, which is a well-known mandatory attribute. Simulation shows that the new BGP algorithm improves packet delay and packet loss without backward-compatibility problems.

A Research on Gender Analysis of BGP Security (BGP의 보안성에 대한 기존 연구 분석)

  • Sun, Jae-Hoon;Kim, Yong-Ho;Sun, Yong-Bin
    • Convergence Security Journal / v.9 no.4 / pp.35-41 / 2009
  • BGP is the typical Internet routing protocol currently in use. This paper compares existing research on strengthening the security of the BGP protocol, covering emerging issues such as AS-Path, IP Fake, and DRDoS. BGP must be used to obtain the routing information that is needed, but a malicious attack or an incorrect setting can prevent the global Internet from operating; these security threats are analyzed.


BGP Decision Making Process and Open Problem Analysis (경계선 게이트웨이 프로토콜의 의사 결정 속성과 공개된 문제점 분석)

  • Lee, Kang-Won;Ham, Young-Marn
    • Journal of the Korea Institute of Information and Communication Engineering / v.16 no.1 / pp.81-97 / 2012
  • The objective of this paper is to investigate the 'state of the art' of the interdomain routing protocol BGP. First, BGP is critically reviewed focusing on the BGP policy and decision making process. And then the problems which still remain as open questions are investigated in the areas of 1) protocol stability, 2) traffic engineering and 3) quality of service. The recent research trend to answer the open questions is discussed.

Yet Another BGP Archive Forensic Analysis Tool Using Hadoop and Hive (하둡과 하이브를 이용한 BGP 아카이브 데이터의 포렌직 분석 툴)

  • Lee, Yeonhee;Lee, YoungSeok
    • Journal of KIISE / v.42 no.4 / pp.541-549 / 2015
  • A large volume of continuously growing BGP data files can raise two technical challenges regarding scalability and manageability. Due to the recent development of the open-source distributed computing infrastructure, Hadoop, it becomes feasible to handle a large amount of data in a scalable manner. In this paper, we present a new Hadoop-based BGP tool (BGPdoop) that provides the scale-out performance as well as the extensible and agile analysis capability. In particular, BGPdoop realizes a query-based BGP record exploration function using Hive on the partitioned BGP data structure, which enables flexible and versatile analytics of BGP archive files. From the experiments for the scalability with a Hadoop cluster of 20 nodes, we demonstrate that BGPdoop achieves 5 times higher performance and the user-defined analysis capability by expressing diverse BGP routing analytics in Hive queries.

Principal Component Analysis of BGP Update Streams

  • Xu, Kuai;Chandrashekar, Jaideep;Zhang, Zhi-Li
    • Journal of Communications and Networks / v.12 no.2 / pp.191-197 / 2010
  • In this paper, we propose a novel methodology to identify border gateway protocol (BGP) updates associated with major events - affecting network reachability to multiple ASes - and separate them (statistically) from those attributable to minor events, which individually generate few updates, but collectively form the persistent background noise observed at BGP vantage points. Our methodology is based on principal component analysis, which enables us to transform and reduce the BGP updates into different AS clusters that are likely affected by distinct major events. We demonstrate the accuracy and effectiveness of our methodology through simulations and real BGP data.

AS-PATH Authentication algorithm for BGP Security (BGP 보안을 위한 AS-PATH 식별 방법)

  • Kim, Jeom Goo
    • Convergence Security Journal / v.19 no.3 / pp.3-12 / 2019
  • BGP is the most important of the routing protocols that exchange routing information to create routing tables and update changed information so that users on the Internet can send information to destination systems. This paper analyzes how to prevent malicious attacks that use vulnerabilities in the currently used BGPv4, as well as problems caused by network administrators' mistakes. We analyzed the attack method by carrying out an actual attack experiment with the AS-PATH attack, which is the attack method for BGP's representative security vulnerability, and proposed an algorithm to identify the AS-PATH attack.

A Case Study Of BGP Announcing Over GRE Tunneling (GRE 터널링을 이용한 BGP 어나운싱 방법에 대한 연구)

  • Hong, Yunseok;Han, Wooyoung;Park, Sungsu
    • Proceedings of the Korean Society of Computer Information Conference / 2022.01a / pp.103-105 / 2022
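  • This paper describes a method for BGP announcing from a remote site using GRE tunneling. BGP announcement requires expensive router equipment, a high-performance, high-availability network, and an autonomous system number (AS Number), but providing all of these is difficult when operating a small network. The paper therefore describes how to make stable, low-cost BGP announcements by using GRE routing with a public cloud that supports BGP announcement, and the software configuration this requires.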
