Abstract-ASes in inter-domain routing receive little information about the quality of the routes they receive. This lack of information can lead to inefficient and even incorrect routing. In this paper, we quantitatively characterize BGP announcements that violate the so-called valleyfree property-an indicator that universal best practices are not being preserved in the propagation of routes. Our analysis indicates that valley announcements are more pervasive than expected. Approximately ten thousand valley announcements appear every day and involve a substantial number of prefixes. 11% of provider ASes propagate valley announcements, with a majority of violations happening at intermediate providers. We find that large surges of violating announcements can be attributed to transient configuration errors. We further propose a dynamic mechanism that provides route propagation information as transitive attributes of BGP. This information implicitly reflects the policies of the ASes along the path, without revealing the relationship of each AS pair. BGP-speaking routers use this information to identify (and presumably avoid) routes that violate the valley-free property.
The Border Gateway Protocol (BGP), and hence the Internet, remains critically vulnerable to a range of prefix forgery attacks. In this paper, we address these attacks by proposing a non-cryptographic, incrementally deployable mechanism to probabilistically detect forged BGP origin advertisements. Upon receiving an advertisement from a "suspicious" origin, the receiving domain intelligently probes other ASes about the received information. Any dissenting information indicates potential forgery or error, and is reported by the polled ASes to the true origin and processed appropriately. In this design, we exploit the fact that the highly connected AStopology makes it difficult to block the dissemination of information as it traverses the Internet. We evaluate the effectiveness of our probing mechanism via simulation on realistic Internet topologies. The experiments show that 98% of forgeries can be detected even when as few as 10% of the ASes participate in the protocol under a naïve polling strata gem. Moreover, we show that judicious node selection can further improve detection rates while minimizingthe number of probes. Intr oductionThe Border Gateway Protocol (BGP) controls how Internet traffic is routed [1]. However, the protocol is vulnerable to a range of route and prefix forgery attacks. In addressing these threats, one must ensure the validity of both the paths and the prefix origins. This work is concerned with the latter: how can the routing system detect false origin advertisements received via BGP?An origin is forged when an AS other than the legitimate/authorized owner incorrectly advertises a prefix either due to misconfiguration [2] or malicious attack [3]. A number of approaches have been proposed to address this origin authentication problem [4,5,6,7], but require cryptographic machinery and often significant router state. These costs are seen as a significant barrier to adoption in environments where router resources are already stretched thin.We address the limitations of past solutions by introducing a non-cryptographic, incrementally deployable mechanism that probabilistically detects false BGP origin advertisements. Our technique is based on the following observation: the highly connected nature of the Internet's AS topology makes it prohibitively difficult to block all routing announcements originated by a valid source. 1 Consider an AS that falsely advertises a prefix . As long as the true origin AS is active, then some set of ASes, call them , will accept the correct origin advertisement. Once any node in is contacted, the incorrect route can be forwarded to 's true origin. At that point, steps to rectify the conflict can be initiated. The true origin has strong incentives for ensuring the correct use of its address space, and hence is likely to expend all reasonable efforts to ensure proper resolution of the conflict. Note that the present work concentrates on conflict detection only, leaving deep consideration of their resolution to future work. This paper considers the design, operation,...
foreign matter intrusion on train operation safety is becoming increasingly serious. Based on a large amount of research data, among many factors affecting the operation safety of high-speed railway, the detection of personnel and foreign matter intrusion is difficult, and the preventive measures are limited, mainly because of its strong randomness and complexity. This paper systematically introduces the development status of high-speed railway line protection technology at home and abroad, especially summarizes the development status of high-speed railway line monitoring technology in China, and proposes a new design of foreign object intrusion detection and alarm device based on new sensors and networks, which has certain reference value for high-speed railway line protection and railway bureaus and departments in related fields.
Aiming at the chaos control of permanent magnet synchronous motor, a dual-parameter collaborative intelligent optimal control method based on GWO-RBFNN was proposed. Starting from the perspective that the controller can automatically search for the expected motion state, the distance between two points on the Poincaré cross section is selected as the controller input. And considering the coupling effect of system parameters on the dynamic behavior of the system, a dualparameter cooperative controller is designed based on radial basis function neural network (RBFNN); Grey Wolf Optimization (GWO) algorithm is used to optimize the selection of controller parameters; By slightly adjusting the two controllable parameters of the system, the chaotic motion of the PMSM system is controlled to the expected motion state. In the simulation study, compared with the single-parameter intelligent optimization control method based on GWO-RBFNN, the results show that although both methods can achieve chaotic motion control, the control speed of the dual-parameter collaborative intelligent optimization control method based on GWO-RBFNN is faster and overshoot is smaller.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.