|QTM: Autonomous System Reputation (AS-CRED)|
The Border Gateway Protocol (BGP) is the standard communication
protocol for interconnecting large IP domains, called Autonomous Systems
(AS). BGP operates by exchanging updates between ASes; which contains
reachability information for prefixes (IP address blocks). The current
design of BGP implicitly requires the existence of complete trust between
ASes exchanging BGP routing information, which is a cause for concern given
the tendency of many ASes to announce invalid BGP updates for some or all of
A valid update is defined as satisfying two conditions: (1) Accuracy : it provides accurate routing information (e.g., prefix hijacking), and (2) Necessity : the update itself is necessary for the correct operation of the Internet (e.g., it is not part of a sequence of short duration prefix announcements and withdrawals). Much work has been done in detecting occurrence of invalid updates in the Internet. These solutions however are limited to detecting inaccurate updates (e.g., prefix hijacking), none of them are designed to address the necessity aspect of update validity.
In order to remedy this situation, we have developed AS-CRED, a reputation management and alert service for Autonomous Systems. It quantifies the level of "cred"(trust) one can have in an AS' tendency to announce valid updates. Trust in AS-CRED is represented using a predictive metric called reputation . To compute the reputation of an AS, AS-CRED analyzes the updates announced by the AS, over a time-window based on well-defined properties, provides feedback to a reputation function which computes the reputation value. The reputation values thus computed are used for triggering alerts for any BGP updates received from then on which are predicted to be invalid based on the reputation of the ASes which announced them.
AS-CRED service has many uses: (1) Behavior Metric: Its association of an objective and global trust metric with every observable AS in the Internet allows ASes to not only know about other ASes but also how it itself is perceived. AS can now make better informed decisions in dealing with others and tuning their business, traffic, scalability or security policies, accordingly; (2) White-List: One of the byproducts of reputation computation is a white-list of AS-prefix pairs which are legitimate (stable and legal). The white-list can be used by ASes for tuning their import and export policies: (3) Expanded Alert Service: The alert mechanism is unlike any existing alert systems available, in that: (a) it provides an alert for both inaccurate and unnecessary updates announced, (b) it provides the reputation value for the AS involved along with the alert, which is very useful for understanding the behavior of ASes, and (c) the reputation and alerts can provide effective diagnostic and forensic tool to debug network connectivity issues at Internet scale; (4) Incentivization: The availability of reputation has the potential to provide an incentive for ASes to improve their behavior in the future.
Interested readers should check out the documents below: