Research on Inter-Domain Routing Anomaly Detection Techniques for IPv6 Networks
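Abstract
The Internet plays an ever larger role in national economic construction and social development. The inter-domain routing system built on the BGP protocol is the infrastructure of the Internet; it still faces the threat of many kinds of malicious attack and is susceptible to human error. In recent years, research on Internet inter-domain routing security has received a great deal of attention and has become a research hotspot in the Internet field.
     As the IPv4 address space is exhausted, full deployment of IPv6 networks becomes more urgent, which places new requirements on Internet inter-domain routing security research. At the same time, because the deployment of security protocol mechanisms such as S-BGP faces many obstacles, inter-domain routing monitoring is a very practical and genuinely effective technical approach to keeping the inter-domain routing system healthy on existing network equipment. This thesis studies inter-domain routing anomaly detection techniques for IPv6 networks. The work is mainly reflected in the following aspects:
     1. IPv6 and IPv4 networks are compared in four respects: address structure and classification, allocation policy, IP-layer protocols, and network security mechanisms. The BGP4+ and BGP-4 protocols are compared. The deployment and operation of IPv6 are examined and the scales of IPv4 and IPv6 networks are compared, showing that, because of the use of tunneling and translation technologies, IPv6 inter-domain routing security depends on the IPv4 network.
     2. Drawing on ideas from network science, a metric called Marginal Betweenness is proposed, which evaluates, from the perspective of data traffic, the importance of an autonomous system relative to a specified autonomous system or set of autonomous systems. Based on Marginal Betweenness, the inference algorithm for Tier-1 autonomous systems is optimized. This provides a basis for detecting violations of the "valley-free" principle in IPv6 networks and for selecting key autonomous systems and networks during monitoring.
     3. Inter-domain routing anomalies and their detection techniques are studied in depth for IPv6 networks. Three new anomalies are identified: too-long prefix, empty ASPath and ASPath hybridity. The decision rules for the DUSA anomaly (Documentation Special Use IP Address) and the private autonomous system anomaly are revised, and corresponding detection algorithms are proposed. The other inter-domain routing anomalies are analyzed for IPv6 networks.
     4. Based on the key techniques above, an inter-domain routing monitoring system for IPv6 networks is designed and implemented so that it remains compatible with inter-domain routing anomaly detection techniques for IPv4 networks. The inter-domain routing anomalies found in IPv6 and IPv4 networks are compared, and the anomalies found in IPv6 networks are analyzed in detail from the perspective of their scope of impact.
     This thesis studies inter-domain routing anomalies and their detection techniques for IPv6 networks in depth. The study finds that, although IPv6 networks are at the initial stage of commercial deployment, all of the inter-domain routing anomalies found in IPv4 networks are already present, and new anomalies have been found. It also finds that, because of the use of tunneling and translation technologies, IPv6 inter-domain routing security depends on the IPv4 network.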
The Internet is playing an increasingly important role in national construction and social development. As the key information infrastructure of the Internet, the BGP-based inter-domain routing system is currently threatened by malicious attacks and human errors. In recent years, inter-domain routing security has drawn significant attention from the academic and industrial communities.
     With the exhaustion of the IPv4 address space, it has become urgent to deploy IPv6, which raises new demands on the security of inter-domain routing. Meanwhile, there are many barriers to deploying security mechanisms such as S-BGP, and monitoring of inter-domain routing is a practical and efficient way to secure inter-domain routing with current networking facilities. This paper focuses on the detection of inter-domain routing anomalies in IPv6 networks, and our contributions are summarized as follows:
     1) We compare IPv6 networks and IPv4 networks in terms of address structure and category, allocation policy, IP protocol and IP-layer security schemes, and we also compare the BGP4+ and BGP-4 protocols to find the differences that affect inter-domain routing security. We investigate the deployment situation of IPv6 networks, and find that the security of inter-domain routing in IPv6 networks depends on the IPv4 networks due to the use of tunneling and translation technologies.
     2) Drawing on network science, we propose a new metric, Marginal Betweenness, to characterize the importance of an AS (Autonomous System) to a particular AS or a group of ASes from the perspective of Internet traffic. Based on this new metric, we optimize the inference algorithm for Tier-1 ASes by incorporating the traffic characteristic that each Tier-1 AS should forward a significant portion of traffic for its Tier-1 partners. This optimization can significantly improve the detection of valley-free violations, as well as the selection of key ASes and networks in the monitoring of the inter-domain routing system.
     3) To study inter-domain routing anomalies in IPv6 networks and their detection, we first investigate the anomalies newly found in IPv6 networks, including too-long prefix, empty ASPath and ASPath hybridity, by analyzing their potential causes and the damage they can cause. Second, we revise the detection rules for the DUSA anomaly and the private AS number anomaly, which either change greatly in the IPv6 environment or cannot effectively distinguish normality from anomaly. Finally, for IPv6 networks, we analyze the cause and impact of the other anomalies found in IPv4 networks.
     4) Based on the approaches above, we design and implement an inter-domain routing monitoring system that is fully compatible with both IPv4 and IPv6 anomaly detection, compare the anomalies detected in IPv6 networks with those in IPv4 networks, and finally conclude this paper by analyzing the impact scope of the various IPv6 routing anomalies.
     This paper studies inter-domain routing anomaly detection for IPv6 networks. We find that, although significant commercial deployment of IPv6 networks has only just started, the kinds of anomalies previously found in IPv4 networks have also been found in IPv6 networks, and we also found several new types of anomalies. Meanwhile, by analyzing the transition from IPv4 to IPv6, we find that during the transition the security of inter-domain routing in IPv6 networks depends on the IPv4 networks.
