IMPROVING INTERNET RELATIONSHIP TOPOLOGY BY RISK ASSESSMENT

Authors

DOI:

https://doi.org/10.33099/2311-7249/2020-39-3-61-66

Keywords:

global routing, route hijack, trust metrics, cybersecurity

Abstract

The Internet operates and is constantly growing due to global routing system, the scalability of which is indisputable. But this system has certain information security flaws, due to which there are threats of deliberate distortion of packet transmission paths in order to violate the integrity, accessibility and confidentiality of information. Such actions are called "route hijacks". The mechanisms of the mentioned cyberattacks are aimed at imposing on misconception or, in other words spoofing the network topology derived from routing tables, while mechanisms for validation of this information in the global routing protocol BGP-4 are absent. This vulnerability cannot be completely addressed without replacing the BGP-4 protocol, which could take another decade.

Reducing the potential impact of cyber attacks on global routing requires a new methodology for assessing the effectiveness of interconnections and improving the network topology. Thus, the paper studies  usage of a modern risk-oriented approach, when the risk owner uses the value of risk as a measure of information security. The proposed methodology is based on the analysis of the topology of the Internet, subjects, objects and processes of global routing. The owner of the risk is determined, the risks themselves are identified.

New metrics have been introduced to assess the risk of route interception - a trust metric and a significance metric. The trust metric characterizes the probability of a  route hijack at a certain node and depends on the metric distance between the risk owner and the target node. The concept of subject of trust and  object of trust is introduced. Significance metrics characterizes the level of maximum damage associated with the area of the expected spread of the spoofed route. It is complex and takes into account the number of network prefixes routed through the target node, the weight of the prefix according to its length, and the distance between the source of the prefix and the target node. Risk assessment based on these metrics serves as a measure of the effectiveness of the topology in protecting against interception of routes, and provides an opportunity to make decisions on improving interconnections, using risk to measure the information security.

References

Sermpezis, P. A survey among network operators on BGP prefx hijacking / Sermpezis P., Kotronis V., Dainotti A., Dimitropoulos X. // ACM SIGCOMM Computer Communication Review, 2018,48(1), рр.64–69.

Reuter, A. Towards a rigorous methodology for measuring adoption of RPKI route validation and fltering / Reuter A., Bush R., Cunha I. et al. // Ibid, 2018, 48(1), pp.19–27.

«ISO/IEC 27000:2018 Information technology. Security techniques. Information security management systems. Overview and vocabulary». ISO/IEC JTC 1/SC 27. Feb. 2018.

«ISO Guide 73:2009. Risk management — Vocabulary». ISO/TMBG, Nov. 2009.

Зубок В. Визначення напрямків протидії кібератакам на глобальну маршрутизацію в мережі Інтернет // Електрон. моделювання, 2018, 40, №5, с.67-76.

Mui, L. A computational model of trust and reputation / Mui L., Mohtashemi M., Halberstadt A. // System Sciences, 2002, р. 2431—2439.

Downloads

Published

2020-12-30

Issue

Vol. 39 No. 3 (2020)

Section

Confrontation in the cybernetic space

License

Authors who publish with this journal agree to the following terms:

1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.

2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.

3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).

4. Personal data and metadata contained in articles are available for storage and processing in various databases and information systems, including them in analytical and statistical reports, creating reasonable relationships of scientific , literary and art objects with personal data, etc. on an area which is not limited.