Handling risks from intercepting a route on the internet using a risk-oriented global routing model

Authors

  • В. Ю. Зубок

DOI:

https://doi.org/10.18372/2073-4751.63.14997

Keywords:

Internet, route interception, risk management, global routing, trust metrics

Abstract

Global routing incidents have increasingly occurred in recent years, becoming a new large-scale cyber threat. Cyberattacks on global internet routing are used to unauthorizedly change package forwarding paths in order to intercept information, destabilize whole or part of the network, disrupt access to certain information resources, etc. The mechanisms of these cyberattacks are aimed at imposing on the subjects of global routing a misconception about the topology of the network in the absence of mechanisms for validation of this information in the global routing protocol BGP-4. In any case, a complete replacement should not be expected in the coming decade.

Thus, the problem of information security during firewall exchange requires a new methodology. The methodology proposed in the article is based on the analysis of internet topology, subjects, objects and processes of global routing, as well as risk management, which is a modern approach in information security. The owner of the risk has been identified, the risks themselves have been identified. New metrics have been introduced to assess the risk of intercepting routes – trust metrics and metrics of significance.

As a result, a risk-oriented model of global routing is obtained, describing the relationship of Internet nodes in terms of the risk of route interception. This allows you to simulate the most effective topology, where the effectiveness criterion is risk assessment as a measure of information security. The article demonstrates the practical results of the use of risk-oriented models of global routing for the assessment and modeling of inter-network relations in the Ukrainian segment of the Internet.

References

Зубок В.Ю. Визначення напрям-ків протидії кібератакам на глобальну маршрутизацію в мережі Інтернет. / В.Ю. Зубок. – Електрон. моделювання, 2018. – №5. – С. 67-76.

Зубок В.Ю. Формальний опис об’єктів і процесів глобальної маршрути-зації у мережі Інтернет для оцінки впливу кібератак на маршрутизацію / В.Ю. Зубок. – Реєстрація, зберігання і обробка даних. – №4. – Том 21. – ІПРІ НАН України, 2019. – С. 67-74.

Мохор, В. Формування міжвузлових зв’язків в Інтернет з використанням методів теорії складних мереж / В. Мохор, В. Зубок – Київ: Прометей, 2017. – 175 с.

Fuller. V. Classless Inter-domain Routing (CIDR): The Internet Address Assignment and Aggregation Plan. / V. Fuller, T. Li. / [Інтернет ресурс]. Веб-сайт: Tools.ietf. Режим доступу: https://tools.ietf.org/html/rfc4632.

Dimitropoulos X. Modeling Autonomous–System Relationships / X. Dimitropoulos, G. Riley. / 20th Workshop on Principles of Advanced and Distributed Simulation (PADS'06). – Singapore, 2006.

Downloads

How to Cite

Зубок, В. Ю. (2020). Handling risks from intercepting a route on the internet using a risk-oriented global routing model. Problems of Informatization and Control, 1(63), 34–41. https://doi.org/10.18372/2073-4751.63.14997

Issue

Vol. 1 No. 63 (2020)

Section

Статті

License

The scientific journal adheres to the principles of Open Access and provides free, immediate, and permanent access to all published materials without financial, technical, or legal barriers for readers.

All articles are published in Open Access under the Creative Commons Attribution 4.0 International (CC BY 4.0) license.

Copyright

Authors who publish their works in the journal:

  • retain the copyright to their publications;

  • grant the journal the right of first publication of the article;

  • agree to the distribution of their materials under the CC BY 4.0 license;

  • have the right to reuse, archive, and distribute their works (including in institutional and subject repositories), provided that proper reference is made to the original publication in the journal.