Research on Blockchain-Based Inter-Domain Routing Security Enhancement

doi:10.3778/j.issn.1673-9418.2407065

Abstract

Abstract: The border gateway protocol (BGP) is currently the de facto interdomain routing standard in the Internet, with its security based on the authenticity and integrity of autonomous systems (AS) identities and paths. However, BGP itself lacks intrinsic security mechanisms, and its security issues have garnered significant attention. Blockchain, as an innovative technology for building a new generation of information infrastructure, can establish a distributed multi-party trust system in an open Internet environment. It offers technical solutions to the issues and challenges encountered in traditional BGP security enhancement. According to technology development and security iteration, this paper categorizes the BGP security enhancement into three progressive stages: the theoretical exploration stage represented by secure border gateway protocol (S-BGP), the practical application stage with resource public key infrastructure (RPKI) as the security foundation, and the innovative development stage with the blockchain technology. Firstly, this paper analyzes the vulnerabilities in BGP routing propagation methods and routing policies, along with three typical security threats: prefix hijacking, path spoofing, and route leaks. Next, traditional BGP security enhancement techniques and research context are reviewed, with a particular focus on proactive defense and anomaly detection mechanisms to counter erroneous route announcement attacks. Then, following a brief introduction to the fundamental principles of blockchain technology, the paper explores the implementation concepts, paths, and methods of blockchain-based BGP security enhancements, utilizing the blockchain’s characteristics of decentralization, tamper resistance, traceability, and distributed deployment. Finally, the challenges faced in BGP security enhancement with blockchain technology are discussed, and future research directions are outlined.

Key words: border gateway protocol, security enhancement, blockchain, resource public key infrastructure, route attestation

摘要： 边界网关协议（BGP）是目前互联网中事实上的域间路由标准，其安全性建立在自治系统（AS）身份及路径真实完整基础上，但BGP自身缺乏相应的安全保障机制，其安全问题备受关注。区块链作为构建新一代信息基础设施的创新技术，支撑在开放互联网环境中构建分布式多方信任体系，为当前传统BGP安全增强中遇到的问题和挑战提供了技术应对。根据技术发展和安全迭代，将BGP安全增强划分为3个递进阶段：以安全边界网关协议（S-BGP）为代表的理论创新阶段，以资源公钥基础设施（RPKI）为安全基础的应用实践阶段，以及基于区块链技术的创新发展阶段。分析BGP路由传播方式和路由策略的脆弱性，以及前缀劫持、路径伪造和路由泄露3类典型的安全威胁方式；梳理传统BGP安全增强技术路线和研究脉络，重点从主动防御和异常检测两个方面讨论针对错误路由宣告攻击的应对机制；在简要介绍区块链技术基本原理的基础上，利用区块链的去中心化、防篡改、可溯源、分布式部署等特性，重点探讨基于区块链的BGP安全增强技术的实现思想、路径和方法；主要结合区块链技术的应用，讨论BGP安全增强中面临的挑战，并对未来研究方向进行展望。

关键词: 边界网关协议, 安全增强, 区块链, 资源公钥基础设施, 路由认证

WANG Qun, LI Fujuan, NI Xueli, XIA Lingling, MA Zhuo. Research on Blockchain-Based Inter-Domain Routing Security Enhancement[J]. Journal of Frontiers of Computer Science and Technology, 2024, 18(12): 3144-3174.

王群, 李馥娟, 倪雪莉, 夏玲玲, 马卓. 域间路由安全增强及区块链技术的应用研究[J]. 计算机科学与探索, 2024, 18(12): 3144-3174.

References

[1] AGARWAL A, SHARMA S. Performance evaluation of HSRP, GLBP and VRRP with interior gateway routing protocol and exterior gateway routing protocol[C]//Proceedings of the 2022 12th International Conference on Cloud Computing, Data Science & Engineering, Noida, Jan 27-28, 2022. Piscataway: IEEE, 2022: 153-158.
[2] ZHAO X, BAND S S, ELNAFFAR S, et al. The implementation of border gateway protocol using software-defined networks: a systematic literature review[J]. IEEE Access,2021, 9: 112596-112606.
[3] MITSEVA A, PANCHENKO A, ENGEL T. The state of affairs in BGP security: a survey of attacks and defenses[J].Computer Communications, 2018, 124: 45-60.
[4] ROSSUM T R. BGP security and the future: a meta-analysis of BGP threats and security to provide a new direction for practical BGP securit[EB/OL]. (2020-10-01)[2024-01-05]. https://repository.tudelft.nl/islandora/object/uuid:794ce56f-3cd3-46a9-98a0-023e911c856d/datastream/OBJ/download.
[5] NORDSTROM O, DOVROLIS C. Beware of BGP attacks[J]. ACM SIGCOMM Computer Communication Review, 2004, 34(2): 1-8.
[6] KENT S, LYNN C, SEO K. Secure border gateway protocol (S-BGP)[J]. IEEE Journal on Selected Areas in Communications, 2000, 18(4): 582-592.
[7] WHITE R. Securing BGP through secure origin BGP (soBGP)[J]. Business Communications Review, 2003, 33(5): 47-53.
[8] ZHAO M, SMITH S W, NICOL D M. Aggregated path authentication for efficient BGP security[C]//Proceedings of the 12th ACM Conference on Computer and Communications Security, Alexandria, Nov 7-11, 2005. New York: ACM, 2005: 128-138.
[9] OORSCHOT P C, WAN T, KRANAKIS E. On interdomain routing security and pretty secure BGP (psBGP)[J]. ACM Transactions on Information and System Security, 2007, 10(3): 11-46.
[10] MCDANIEL P, AIELLO W, BUTLER K, et al. Origin authentication in interdomain routing[J]. Computer Networks,2006, 50(16): 2953-2980.
[11] LEPINSKI M, KENT S. An infrastructure to support secure Internet routing(RFC 6480)[EB/OL]. (2012-02-01) [2024-01-06]. https://www.rfc-editor.org/rfc/pdfrfc/rfc6480.txt.pdf.
[12] WEISE J. Public key infrastructure overview[EB/OL]. (2001-08-01)[2024-01-06]. http://highsecu.free.fr/db/outils_de_securite/cryptographie/pki/publickey.pdf.
[13] 邹慧, 马迪, 邵晴, 等. 互联网码号资源公钥基础设施(RPKI)研究综述[J]. 计算机学报, 2022, 45(5): 1100-1132.
ZOU H, MA D, SHAO Q, et al. A survey of the resource public key infrastructure[J]. Chinese Journal of Computers, 2022, 45(5): 1100-1132.
[14] WAHLISCH M, SCHMIDT R, SCHMIDT T C, et al. RiPKI: the tragic story of RPKI deployment in the web ecosystem[C]//Proceedings of the 14th ACM Workshop on Hot Topics in Networks, Philadelphia, Nov 16-17, 2015. New York: ACM, 2015: 1-7.
[15] GILAD Y, COHEN A, HERZBERG A, et al. Are we there yet? on RPKI’s deployment and security[EB/OL]. (2016-10-10)[2024-01-07]. https://eprint.iacr.org/2016/1010.pdf.
[16] LYCHEV R, GOLDBERG S, SCHAPIRA M. BGP security in partial deployment: is the juice worth the squeeze?[C]//Proceedings of the ACM SIGCOMM 2013 Conference, Hong Kong, China, Aug 12-16, 2013. New York: ACM Press, 2013: 171-182.
[17] 王群, 李馥娟, 王振力, 等. 区块链原理及关键技术[J]. 计算机科学与探索, 2020, 14(10): 1621-1643.
WANG Q, LI F J, WANG Z L, et al. Principle and core technology of blockchain[J]. Journal of Frontiers of Computer Science and Technology, 2020, 14(10): 1621-1643.
[18] 陈迪, 邱菡, 朱俊虎, 等. 区块链技术在域间路由安全领域的应用研究[J]. 软件学报, 2020, 31(1): 208-227.
CHEN D, QIU H, ZHU J H,et al. Research on blockchain-based interdomain security solutions[J]. Journal of Software, 2020, 31(1): 208-227.
[19] 陈迪, 邱菡, 朱俊虎, 等. 基于区块链的域间路由策略符合性验证方法[J]. 软件学报, 2023, 34(9): 4336-4350.
CHEN D, QIU H, ZHU J H, et al. Blockchain-based validation method for inter-domain routing policy compliance[J]. Journal of Software, 2023, 34(9): 4336-4350.
[20] 徐恪, 凌思通, 李琦, 等. 基于区块链的网络安全体系结构与关键技术研究进展[J]. 计算机学报, 2021, 44(1): 55-83.
XU K, LING S T, LI Q, et al. Research progress of network security architecture and key technologies based on blockchain[J]. Chinese Journal of Computers, 2021, 44(1): 55-83.
[21] MASTILAK L, GALINSKI M, HELEBRANDT P, et al. Enhancing border gateway protocol security using public blockchain[J]. Sensors, 2020, 20(16): 1-11.
[22] SAAD M, ANWAR A, AHMAD A, et al. RouteChain: towards blockchain-based secure and efficient BGP routing[J]. Computer Networks, 2022, 217: 109362.
[23] KAYATHRI T L, KUMARESAN N, VIJAYABHASKER R.SDBGPChain: a decentralized low complexity framework to detect and prevent the BGPattacks using SDN with smart contract based Dendrimer tree blockchain[J]. Computer Networks, 2023, 230: 109800.
[24] GUTMANN P. PKI: it’s not dead, just resting[J]. Computer,2002, 35(8): 41-49.
[25] NAKAMOTO S. Bitcoin:a peer-to-peer electronic cash system[EB/OL]. (2018-06-10) [2024-01-09]. https://bitcoin.org/ bitcoin.pdf.
[26] AFEK Y, BREMLER-BARR A, SCHWARZ S. Improved BGP convergence via ghost flushing[J]. IEEE Journal on Selected Areas in Communications, 2004, 22(10): 1933-1948.
[27] GAO L X. On inferring autonomous system relationships in the Internet[J]. IEEE/ACM Transactions on Networking,2001, 9(6): 733-745.
[28] GAO L X, REXFORD J. Stable Internet routing without global coordination[J]. IEEE/ACM Transactions on Networking, 2001, 9(6): 681-692.
[29] HUSTON G, MICHAELSON G. The ISP column[EB/OL].(2020-03-01)[2024-01-09]. https://www.dotnxdomain.net/ispcol/2020-03/insecurity.pdf.
[30] 黎松, 诸葛建伟, 李星. BGP安全研究[J]. 软件学报, 2013, 24(1): 121-138.
LI S, ZHUGE J W, LI X. Study on BGP security[J]. Journal of Software, 2013, 24(1): 121-138.
[31] 王娜, 杜学绘, 王文娟, 等. 边界网关协议安全研究综述[J]. 计算机学报, 2017, 40(7): 1626-1648.
WANG N, DU X H, WANG W J, et al. A survey of the border gateway protocol security[J]. Chinese Journal of Computers, 2017, 40(7): 1626-1648.
[32] MURPHY S. BGP security vulnerabilities analysis (RFC 4272) [EB/OL]. (2018-12-20)[2024-01-10]. https://www.rfc -editor.org/rfc/pdfrfc/rfc4272.txt.pdf.
[33] ZHAO X L, PEI D, WANG L, et al. An analysis of BGP multiple origin AS (MOAS) conflicts[C]//Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement, San Francisco, Nov 1-2, 2001. New York: ACM, 2001: 31-35.
[34] QIN L C, LI D, LI R F, et al. Themis: accelerating the detection of route origin hijacking by distinguishing legitimate and illegitimate MOAS[C]//Proceedings of the 31st USENIX Security Symposium, Boston, Aug 10-12, 2022. Berkeley: USENIX Association, 2022: 4509-4524.
[35] NAWROCKI M, BLENDIN J, DIETZEL C, et al. Down the black hole: dismantling operational practices of BGP blackholing at IXPs[C]//Proceedings of the Internet Measurement Conference, Amsterdam, Oct 21-23, 2019. New York:ACM, 2019: 435-448.
[36] BIERSACK E, JACQUEMART Q, FISCHER F, et al. Visual analytics for BGP monitoring and prefix hijacking identification[J]. IEEE Network, 2012, 26(6): 33-39.
[37] SRIRAM K, MONTGOMERY D, MCPHERSON D, et al. Problem definition and classification of BGP route leaks(RFC 7908)[EB/OL]. (2016-06-01)[2024-10-11]. https://www.rfc-editor.org/rfc/pdfrfc/rfc7908.txt.pdf.
[38] KUZMANOVIC A, KNIGHTLY E W. Low-rate TCP-targeted denial of service attacks and counter strategies[J].IEEE/ACM Transactions on Networking, 2006, 14(4): 683-696.
[39] SCHUCHARD M, MOHAISEN A, KUNE D F, et al. Losing control of the internet: using the data plane to attack the control plane[C]//Proceedings of the 17th ACM Conference on Computer and Communications Security, Chicago, Oct 4-8, 2010. New York: ACM, 2010: 726-728.
[40] SYTA E, TAMAS I, VISHER D, et al. Keeping authorities “honest or bust” with decentralized witness cosigning[C]//Proceedings of the 2016 IEEE Symposium on Security and Privacy, San Jose, May 22-26, 2016. Piscataway: IEEE, 2016: 526-545.
[41] HU Y C, PERRIG A, SIRBU M. SPV: secure path vector routing for securing BGP[C]//Proceedings of the 2004 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, Portland, Aug 30-Sep 3, 2004. New York: ACM, 2004: 179-192.
[42] 胡湘江, 朱培栋, 龚正虎. SE-BGP: 一种BGP安全机制[J]. 软件学报, 2008, 19(1): 167-176.
HU X J, ZHU P D, GONG Z H. SE-BGP: an approach for BGP security[J]. Journal of Software, 2008, 19(1): 167-176.
[43] HUSTON G. Resource certification[EB/OL]. (2008-12-01) [2024-01-20]. https://www.dotnxdomain.net/ispcol/2008-12/resourcecertificates.pdf.
[44] CHUNG T, ABEN E, BRUIJNZEELS T, et al. RPKI is coming of age: a longitudinal study of RPKI deployment and invalid route origins[C]//Proceedings of the Internet Measurement Conference, Amsterdam, Oct 21-23, 2019. New York: ACM, 2019: 406-419.
[45] MORILLO R, FURUNESS J, MORRIS C, et al. ROV++: improved deployable defense against BGP hijacking[C]//Proceedings of the 28th Annual Network and Distributed System Security Symposium, San Diego, Feb 21-24, 2021. Piscataway: IEEE, 2021: 1-18.
[46] HOVE K V, VOS J V D H, RIJSWIJK-DEIJ R V. rpkiller: threat analysis of the BGP resource public key infrastructure[J]. Digital Threats: Research and Practice, 2023, 4(4): 1-24.
[47] LEPINSKI M, SRIRAM K. BGPsec protocol specification(RFC 8025)[EB/OL]. (2017-09-01)[2024-01-22]. https://www.rfc-editor.org/rfc/pdfrfc/rfc8205.txt.pdf.
[48] LI Q, LIU J J, HU Y C, et al. BGP with BGPsec: attacks and countermeasures[J]. IEEE Network, 2019, 33(4): 194-200.
[49] UMEDA N, YANAI N, TAKEMURA T, et al. SQUAB: a virtualized infrastructure for BGP-related experiments and its applications to evaluation on BGPsec[J]. Journal of Information Processing, 2022, 30: 829-840.
[50] FURUNESS J, MORRIS C, MORILLO R, et al. BGPy: the BGP python security simulator[C]//Proceedings of the 16th Cyber Security Experimentation and Test Workshop, Marina del Rey, Aug 7-8, 2023. New York: ACM Press, 2023: 41-56.
[51] JIN J. BGP route leak prevention based on BGPsec[C]//Proceedings of the 2018 IEEE 88th Vehicular Technology Conference, Chicago, Aug 27-30, 2018. Piscataway: IEEE, 2018: 1-6.
[52] CHOWDHARY H, CHAUDHARY N K. MANRS statistical analysis and adoption in india as a collaborative security tool[J]. Journal of Cyber Security Technology, 2023, 7(4): 181-198.
[53] HARES S, ZHANG D, MOSKOWITZ H, et al. Analysis of existing work for I2NSF[EB/OL]. (2015-07-01)[2024-02-23]. https://www.ietf.org/archive/id/draft-zhang-gap-analysis-05.pdf.
[54] CAESAR M, REXFORD J. BGP routing policies in ISP networks[J]. IEEE Network, 2005, 19(6): 5-11.
[55] WU T, WANG J H, WANG J, et al. RouteInfer: inferring interdomain paths by capturing ISP routing behavior diversity and generality[C]//Proceedings of the International Conference on Passive and Active Network Measurement, Mar 28-30, 2022. Berlin, Heidelberg: Springer, 2022: 216-244.
[56] HUSTON G. Analyzing the Internet’s BGP routing table[EB/OL]. (2001-01-01)[2024-08-28]. https://www.potaroo.net/papers/2001-3-bgptable/4-1-bgp.pdf.
[57] Merit Network Inc. Internet routing registry[EB/OL]. [2024-01-23]. https://www.irr.net/.
[58] SRIRAM K, AZIMOV A. Methods for detection and mitigation of BGP route leaks[EB/OL]. (2024-01-08) [2024-01-26]. https://datatracker.ietf.org/doc/pdf/draft-ietf-grow-route-leak-detection-mitigation-10.
[59] MONEM S A E, KHALAFALLAH A, SHAHEEN S I. BGP route leaks detection using supervised machine learning Technique[C]//Proceedings of the 2020 2nd Novel Intelligent and Leading Emerging Sciences Conference, Giza, Oct 24-26, 2020. Piscataway: IEEE, 2020: 15-20.
[60] ZENG M, LI D D, ZHANG P, et al. Federated route leak detection in inter-domain routing with privacy guarantee[J]. ACM Transactions on Internet Technology, 2023, 23(1): 1-22.
[61] HOLTERBACH T, ALFROY T, PHOKEER A, et al. A system to detect forged-origin BGP hijacks[EB/OL]. [2024- 01-21]. https://dfoh.info.ucl.ac.be/static/DFOH_nsdi24.pdf.
[62] MORRIS C, HERZBERG A, WANG B, et al. BGP-iSec: improved security of Internet routing against post-ROV attacks[EB/OL]. (2014-01-26)[2024-02-22]. https://www.ndss-symposium.org/wp-content/uploads/2024-1035-paper.pdf.
[63] LAD M, DAN M, DAN P, et al. PHAS: a prefix hijack alert system[C]//Proceedings of the 15th Conference on USENIX Security Symposium,Vancouver, Jul 31-Aug 4, 2006. New York: ACM Press, 2006: 153-166.
[64] KARLIN J, FORREST S, REXFORD J. Pretty good BGP: protecting BGP by cautiously selecting routes[C]//Proceedings of the 2006 IEEE International Conference on Network Protocols, Santa Barbara, Nov 12-15, 2006. Piscataway: IEEE, 2006: 290-299.
[65] SCHLAMP J, HOLZ R, JACQUEMART Q, et al. HEAP: reliable assessment of BGP hijacking attacks[J]. IEEE Journal on Selected Areas in Communications, 2016, 34(6): 1849-1861.
[66] NEMMI E N, SASSI F, MORGIA M L. et al. The parallel lives of autonomous systems: ASN allocations vs. BGP[C]//Proceedings of the 21st ACM Internet Measurement Conference, Nov 2-4, 2021. New York: ACM Press, 2021: 593-611.
[67] SUBRAMANIAN L, ROTH V, STOICA I, et al. Listen and whisper: security mechanisms for BGP[C]//Proceedings of the 1st Conference on Symposium on Networked Systems Design and Implementation, San Francisco, Mar 29-31, 2004. New York: ACM, 2004: 20-24.
[68] HOARAU K, TOURNOUX P U, RAZAFINDRALAMBO T. Detecting forged AS paths from BGP graph features using recurrent neural networks[C]//Proceedings of the 2022 IEEE 19th Annual Consumer Communications & Networking Conference, Las Vegas, Jan 8-11, 2022. Piscataway: IEEE, 2022: 735-736.
[69] PAIVA T B, SIQUEIRA Y, BATISTA D M, et al. BGP anomalies classification using features based on AS relationship graphs[C]//Proceedings of the 2021 IEEE Latin-American Conference on Communications, Santo Domingo, Nov 17-19, 2021. Piscataway: IEEE, 2021: 1-6.
[70] BGP routing leak detection system routing leak detection system[EB/OL]. [2024-08-28]. https://puck.nether.net/bgp/leakinfo.cgi.
[71] SIDDIQUI M S, MONTERO D, YANNUZZI M, et al. Route leak detection using real-time analytics on local BGP information[C]//Proceedings of the 2014 IEEE Global Communications Conference, Austin, Dec 8-12, 2014. Piscataway: IEEE, 2014: 1942-1948.
[72] GERVAIS A, KARAME G O, SUST K, et al. On the security and performance of proof of work blockchains[C]//Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Oct 24-28, 2016. New York: ACM, 2016: 3-16.
[73] GAZI P, KIAYIAS A, ZINDROS D. Proof-of-stake sidechains[C]//Proceedings of the 2019 IEEE Symposium on Security and Privacy, San Francisco, May 19-23, 2019. Piscataway: IEEE, 2019: 139-156.
[74] BERNS A. Network scaffolding for efficient stabilization of the chord overlay network[EB/OL]. [2024-01-30.] https://arxiv.org/abs/2109.14126.
[75] KHACEF K, PUJOLLE G. Secure peer-to-peer communication based on blockchain[C]//Proceedings of the Workshops of the 33rd International Conference on Advanced Information Networking and Applications, Matsue, Mar 27-29, 2019. Berlin, Heidelberg: Springer, 2019: 662-672.
[76] WANG T T, ZHAO C H, YANG Q, et al. Ethna: analyzing the underlying peer-to-peer network of Ethereum blockchain[J]. IEEE Transactions on Network Science and Engineering, 2021, 8(3): 2131-2146.
[77] HAO W F, ZENG J J, DAI X H, et al. BlockP2P: enabling fast blockchain broadcast with scalable peer-to-peer network topology[C]//Proceedings of the 14th International Conference on Green, Pervasive, and Cloud Computing, Uberlandia, May 26-28, 2019. Berlin, Heidelberg: Springer, 2019: 223-237.
[78] STEINER M, EN-NAJJARY T, BIERSACK E W. A global view of kad[C]//Proceedings of the 7th ACM SIGCOMM Conference on Internet Measurement, San Diego, Oct 24-26, 2007. New York: ACM, 2007: 117-122.
[79] spf13.viper[EB/OL]. [2024-02-22]. https://github.com/spf 13/viper.
[80] KIM J, CHO E S. Support for the safety of EVM bytecode via function-call interceptor[C]//Proceedings of the 2021 IEEE 21st International Conference on Software Quality, Reliability and Security Companion, Hainan, Dec 6-10, 2021. Piscataway: IEEE, 2021: 676-684.
[81]ANDREAS S A, PANAYIOTIS C,KLITOS C. A decentralized application for logistics: using blockchain in real-world applications[J]. Cyprus Review, 2018, 30(2): 181-193.
[82] XING Q Q, WANG B S, WANG X F. POSTER: BGPCoin: a trustworthy blockchain-based resource management solution for BGP security[C]//Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, Dallas, Oct 30-Nov 3, 2017. New York: ACM Press, 2017: 2591-2593.
[83] XING Q Q, WANG B S, WANG X F. BGPcoin: blockchain-based Internet number resource authority and BGP security solution[J]. Symmetry, 2018, 10(9): 408.
[84] PAILLISSE J, FERRIOL M, GARCIA E, et al. IPchain: securing IP prefix allocation and delegation with blockchain[C]//Proceedings of the 2018 IEEE International Conference on Internet of Things and IEEE Green Computing and Communications and IEEE Cyber, Physical and Social Computing and IEEE Smart Data, Halifax, Jul 20-Aug 3, 2018. Piscataway: IEEE, 2018: 1236-1243.
[85] ANGIERI S, BAGNULO M, GARCIA-GARTINEZ A, et al. InBlock4: blockchain-based route origin validation[C]//Proceedings of the 2020 IEEE Conference on Computer Communications Workshops, Toronto, Jul 6-9, 2020. Piscataway: IEEE, 2020: 291-296.
[86] GARCIA-MARTINEZ A, ANGIERI S, LIU B, et al. Design and implementation of InBlock—a distributed IP address registration system[J]. IEEE Systems Journal, 2021, 15(3): 3528-3539.
[87] ANGIERI S. Blockchain for the management of Internet resources[EB/OL]. (2022-04-14)[2024-04-26]. https://github.com/sangier/PhD-Thesis/blob/main/files/SA_PhD_Defense.pptx.
[88] HARI A, LAKSHMAN T V. The Internet blockchain: a distributed, tamper-resistant transaction framework for the Internet[C]//Proceedings of the 15th ACM Workshop on Hot Topics in Networks, Atlanta, Nov 9-10, 2016. New York:ACM, 2016: 204-210.
[89] KHAN D, JUNG L T, HASHMANI M A. Systematic literature review of challenges in blockchain scalability[J]. Applied Sciences, 2021, 11(20): 9372.
[90] CHEN D, BA Y, QIU H, et al. ISRchain: achieving efficient interdomain secure routing with blockchain[J]. Computers and Electrical Engineering, 2020, 83: 106584.
[91] ONGARO D, OUSTERHOUT J. The raft consensus algorithm[EB/OL]. [2024-04-20]. https://raft.github.io/slides/riconwest2013.pdf.
[92] MASTILAK L, HELEBRANDT P, GALINSKI M, et al. Secure inter-domain routing based on blockchain: a comprehensive survey[J]. Sensors, 2022, 22: 1437.
[93] GALMES M F, AUMATELL R C, CABELLOS-APARICIO A, et al. Preventing route leaks using a decentralized approach[C]//Proceedings of the 2020 IFIP Networking Conference, Paris, Jun 22-26, 2020. Piscataway: IEEE, 2020: 509-513.
[94] YUE J R, QIN Y J, GAO S, et al. A privacy-preserving route leak protection mechanism based on blockchain[C]//Proceedings of the 2021 IEEE International Conference on Information Communication and Software Engineering,Chengdu, Mar 19-21, 2021. Piscataway: IEEE, 2021: 264-269.
[95] SABT M, ACHEMLAL M, BOUABDALLAH A. Trusted execution environment: what it is, and what it is not[C]//Proceedings of the 2015 IEEE Trustcom/BigDataSE/ISPA,Helsinki, Aug 20-22, 2015. Piscataway: IEEE, 2015: 57-64.
[96] CASTRO M, LISKOV B. Practical Byzantine fault tolerance and proactive recovery[J]. ACM Transactions on Computer Systems, 2002, 20(4): 398-461.
[97] KONECNY J, MCMAHAN H B, YU F X, et al. Federated learning: strategies for improving communication efficiency[EB/OL]. [2024-03-15]. https://arxiv.org/abs/1610.05492.
[98] The BGP instability report[EB/OL]. [2024-08-22]. https://bgpupdates.potaroo.net/instability/bgpupd.html.
[99] MCBRIDE M, TROSSEN D, GUZMAN D, et al. BGP Blockchain[EB/OL]. [2024-08-22]. https://datatracker.ietf.org/doc/html/draft-mcbride-rtgwg-bgp-blockchain-03.
[100] The BGPsec plan[EB/OL]. [2024-05-10]. https://www.bgpsec.net/index.html.
[101] U.S. Federal Communications Commission. Notice of inquiry[EB/OL]. (2022-02-28)[2024-05-10]. https://www.fcc.gov/ecfs/document/1022806680214/1.
[102] U.S. Department of Justice National Security Division and U.S. Department of Defense Acquisition and Sustainment.Re: in the matter of secure Internet routing, PS Docket 22-90[EB/OL]. (2022-09-01)[2024-05-10]. https://www.fcc.gov/ecfs/document/1091496862125/1.
[103] GILAD Y, GOLDBERG S, SRIRAM K, et al. The use of maxLength in the resource public key infrastructure (RPKI)[J]. IEEE Open Journal of the Communications Society, 2023(4): 269-306.
[104] CLARK D, TESTART C, LUCKIE M, et al. A path forward: improving Internet routing security by enabling zones of trust[EB/OL]. [2014-05-11]. https://arxiv.org/abs/2312. 03305.
[105] Internet Society. Mutually agreed norms for routing security (MANRS)[EB/OL]. [2024-05-11]. https://www.manrs.org/.
[106] AZIMOV A, BOGOMAZOV E, BUSH R, et al. BGP AS_PATH verification based on autonomous system provider authorization (ASPA) objects[EB/OL]. (2023-08-29) [2024-05-12]. https://datatracker.ietf.org/doc/pdf/draft-ietf-sidrops- aspa-verification-16.
[107] ICANN Office of the Chief Technology Officer. Resource public key infrastructure (RPKI) technical analysis[EB/OL]. (2020-09-02)[2024-02-29]. https://icann-hamster.nl/ham/icann/octo/pub/octo-014-en.pdf.
[108] YANG Q, MA L, TU S, et al. Towards blockchain-based secure BGP routing, challenges and future research directions[J]. Computers, Materials and Continua, 2024, 79(2): 2035-2062.
[109] FENG T, LIU Y F. Research on PoW protocol security under optimized long delay attack[J]. Cryptography, 2023, 7(32):1-14.
[110] ZHONG W Y, YANG C, LIANG W, et al. Byzantine fault-tolerant consensus algorithms: a survey[J]. Electronics, 2023, 12(18): 3801.
[111] 王群, 李馥娟, 倪雪莉, 等. 区块链互操作性及跨链技术研究[J]. 计算机科学与探索, 2023, 17(8): 1749-1775.
WANG Q, LI F J, NI X L, et al. Research on blockchain interoperability and cross-chain technology[J]. Journal of Frontiers of Computer Science and Technology, 2023, 17(8): 1749-1775.