Hierarchical Origin and Path verification for securing inter-domain routing protocol

Border Gateway Protocol (BGP 4) has emerged as the de facto inter-domain routing protocol used for making the core routing decisions on the Internet. However, it is not a secured protocol and suffers from serious security flaws such as no Origin AS Prefix verification and no AS Path verification. These two flaws in the BGP protocol can result in the attacks such as Prefix Hijacking and AS_PATH Forgery. These flaws are present in BGP due to lack of mechanisms for validating the actual source and path of the BGP UPDATE message. Many alternatives for the BGP such as S-BGP, SoBGP, etc. have been proposed but they are not compatible with the BGP and we need to replace BGP completely with them. The proposed method is a complimentary protocol to the BGP and verifies the Origin AS and the AS_PATH advertised in the BGP UPDATE message. The proposed Hierarchical Origin & Path (HOP) Verification method can be deployed in the current setting and works along with BGP. It can also be deployed in a scalable manner and can also work along with the ASes which do not follow HOP Verification method, thereby, solving all the deployment issues.