CENTRA:CENtrally Trusted Routing vAlidation for IGP
Trusted routing is a hot spot in network security.Lots of efforts have been made on trusted routing validation for Interior Gateway Protocols(IGP),e.g.,using Public Key Infrastructure(PKI)to enhance the security of protocols,or routing monitoring systems.However,the former is limited by further deployment in the practical Internet,the latter depends on a complete,accurate,and fresh knowledge base–this is still a big challenge(Internet Service Providers(ISPs)are not willing to leak their routing policies).In this paper,inspired by the idea of centrally controlling in Software Defined Network(SDN),we propose a CENtrally Trusted Routing vAlidation framework,named CENTRA,which can automated collect routing information,centrally detect anomaly and deliver secure routing policy.We implement the proposed framework using NETCONF as the communication protocol and YANG as the data model.The experimental results reveal that CENTRA can detect and block anomalous routing in real time.Comparing to existing secure routing mechanism,CENTRA improves the detection efficiency and real-time significantly.
Trusted Routing Centrally Controlling SDN IGP OSPF Neighbor NETCONF YANG
Hao Zeng Baosheng Wang Wenping Deng Xianming Gao
College of Computer National University of Defense Technology Changsha,China
国际会议
南京
英文
22-24
2017-10-12(万方平台首次上网日期,不代表论文的发表时间)