Title :
AT: An Origin Verification Mechanism Based on Assignment Track for Securing BGP
Author :
Wang, Na ; Zhi, Yingjian ; Wang, Binqiang
Author_Institution :
Inf. Eng. Univ., Zhengzhou
Abstract :
Because BGP has no mechanism to verify that an Autonomous System (AS) is authorized to announce Network Layer Reachability Information (NLRI), a specific IP prefix may be hijacked by a suspicious AS, leading to Internet instability or even a crash. Current proposals adopt assignment attestations to guarantee the validity of each step on the address assignment path, and an authorization attestation to guarantee that an AS is authorized by an organization to announce a prefix. These proposals are vulnerable to a prefix hijacking called "Malicious Service Provider (MSP)", because they only ensure that an AS is authorized to announce a prefix by one of the subscribing organizations in the prefix's assignment path, not by the last subscribing organization; an AS authorized by the last subscribing organization is the legitimate origin AS. Analysis shows that 60% of ASes in the Internet may be vulnerable to "MSP" prefix hijacking. The paper proposes a novel origin verification mechanism called Assignment Track (AT), in which all ASes must provide the assignment track and attestations (ATA) of their announced prefixes, and, for a given prefix, the AS that provides the longest valid assignment track is its origin AS. AT makes valid prefix hijacking, sub-prefix hijacking and unused prefix hijacking, and especially "MSP" prefix hijacking, impossible. Performance evaluation results show that AT consumes only 1.008 Mbytes of memory based on RouteViews data from September 27, 2007, does not increase UPDATE message size, and scarcely delays route convergence under hardware implementation. AT can be applied in current BGP security solutions and in next generation inter-domain routing protocols.
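The following Python model is an added illustration of the origin-selection rule described in the abstract; it is not the paper's code, and the data model (Assignment, Authorization, Announcement records, a trusted root named "RIR", the example prefix 192.0.2.0/24 and the AS numbers) is constructed here. Attestations are modelled as membership in a set of known-good records rather than as real signatures. It contrasts the "current proposals" check (authorization from any subscribing organization on the path, which admits the MSP case) with the AT rule (valid track, authorization from the last subscriber on that track, longest valid track wins).

```python
"""Toy model of origin verification by longest valid assignment track.

Constructed illustration of the mechanism summarised in the abstract, not the
paper's implementation. Attestations are modelled as set membership instead of
signatures; the root name, prefix and AS numbers are made up for the example.
"""
from dataclasses import dataclass
from typing import FrozenSet, List, Optional, Tuple

TRUSTED_ROOT = "RIR"  # assumed start of every assignment path


@dataclass(frozen=True)
class Assignment:
    """One step of the address assignment path: assigner hands prefix to assignee."""
    prefix: str
    assigner: str
    assignee: str


@dataclass(frozen=True)
class Authorization:
    """An organization authorizes an AS to announce a prefix."""
    prefix: str
    org: str
    asn: int


@dataclass(frozen=True)
class Announcement:
    """An origin announcement carrying its assignment track and attestations (ATA)."""
    asn: int
    prefix: str
    track: Tuple[Assignment, ...]  # root-most assignment first
    authorization: Authorization


def track_is_valid(prefix: str, track: Tuple[Assignment, ...],
                   known: FrozenSet[Assignment]) -> bool:
    """Valid when the track starts at the trusted root, every link is an attested
    assignment of this prefix, and each link's assigner is the previous assignee."""
    if not track or track[0].assigner != TRUSTED_ROOT:
        return False
    holder = TRUSTED_ROOT
    for step in track:
        if step.prefix != prefix or step.assigner != holder or step not in known:
            return False
        holder = step.assignee
    return True


def legacy_accepts(ann: Announcement, known_assign: FrozenSet[Assignment],
                   known_auth: FrozenSet[Authorization]) -> bool:
    """Check modelled on the abstract's 'current proposals': the announcing AS only
    needs an authorization from *some* subscribing organization on the prefix's
    assignment path. This is the gap the MSP hijack exploits."""
    orgs_in_path = {a.assignee for a in known_assign if a.prefix == ann.prefix}
    auth = ann.authorization
    return (auth in known_auth and auth.prefix == ann.prefix
            and auth.asn == ann.asn and auth.org in orgs_in_path)


def at_accepts(ann: Announcement, known_assign: FrozenSet[Assignment],
               known_auth: FrozenSet[Authorization]) -> bool:
    """AT per-announcement check: the supplied track must be valid and the
    authorizing organization must be the last subscriber on that track."""
    if not track_is_valid(ann.prefix, ann.track, known_assign):
        return False
    auth = ann.authorization
    return (auth in known_auth and auth.prefix == ann.prefix
            and auth.asn == ann.asn and auth.org == ann.track[-1].assignee)


def at_select_origin(prefix: str, announcements: List[Announcement],
                     known_assign: FrozenSet[Assignment],
                     known_auth: FrozenSet[Authorization]) -> Optional[int]:
    """Among announcements for `prefix` that pass the AT check, the one with the
    longest valid track is the origin AS. A tie in length is reported as None;
    the abstract does not say how ties are resolved, so that choice is ours."""
    valid = [a for a in announcements
             if a.prefix == prefix and at_accepts(a, known_assign, known_auth)]
    if not valid:
        return None
    valid.sort(key=lambda a: len(a.track), reverse=True)
    if len(valid) > 1 and len(valid[0].track) == len(valid[1].track):
        return None
    return valid[0].asn


# --- constructed scenario: RIR -> ISP-A (the MSP) -> CustomerOrg -------------
PREFIX = "192.0.2.0/24"  # documentation range, constructed example
RIR_TO_ISP = Assignment(PREFIX, "RIR", "ISP-A")
ISP_TO_CUST = Assignment(PREFIX, "ISP-A", "CustomerOrg")
KNOWN_ASSIGN = frozenset({RIR_TO_ISP, ISP_TO_CUST})
KNOWN_AUTH = frozenset({Authorization(PREFIX, "ISP-A", 64500),
                        Authorization(PREFIX, "CustomerOrg", 64510)})

CUSTOMER_ANN = Announcement(64510, PREFIX, (RIR_TO_ISP, ISP_TO_CUST),
                            Authorization(PREFIX, "CustomerOrg", 64510))
MSP_ANN = Announcement(64500, PREFIX, (RIR_TO_ISP,),
                       Authorization(PREFIX, "ISP-A", 64500))
# A track containing an assignment nobody attested is rejected outright.
FORGED_ANN = Announcement(64520, PREFIX,
                          (RIR_TO_ISP, Assignment(PREFIX, "ISP-A", "UnknownOrg")),
                          Authorization(PREFIX, "UnknownOrg", 64520))

if __name__ == "__main__":
    print("legacy accepts MSP announcement:", legacy_accepts(MSP_ANN, KNOWN_ASSIGN, KNOWN_AUTH))
    print("AT origin for", PREFIX, "is AS",
          at_select_origin(PREFIX, [MSP_ANN, CUSTOMER_ANN, FORGED_ANN], KNOWN_ASSIGN, KNOWN_AUTH))
```

The point to notice is that the MSP's announcement is not malformed under AT: its one-step track is valid and its authorization comes from the last subscriber on that track. It loses only because the customer can present a longer valid track ending at itself, which is exactly the ordering rule the abstract relies on to close the MSP gap.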
Keywords :
Internet; routing protocols; telecommunication traffic; BGP; IP prefix; Internet instability; RouteViews data; UPDATE message size; assignment track and attestations; autonomous system; delays route convergence; inter-domain routing protocols; malicious service provider; network layer reachable information; origin verification mechanism; prefix hijacking; Authentication; Authorization; Communications Society; Computer crashes; Delay; Hardware; IP networks; Internet; Proposals; Public key cryptography;
Conference_Title :
Communications, 2008. ICC '08. IEEE International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-1-4244-2075-9
Electronic_ISBN :
978-1-4244-2075-9
DOI :
10.1109/ICC.2008.1074