BlockJack: Towards Improved Prevention of IP Prefix Hijacking Attacks in Inter-Domain Routing Via Blockchain
This addresses security vulnerabilities in inter-domain routing for network operators, but it is an incremental improvement as it builds on existing blockchain and BGP integration concepts.
The authors tackled IP prefix hijacking attacks in Border Gateway Protocol (BGP) by proposing BlockJack, a blockchain-based system that blocks such attacks with an average response time of 0.08 seconds in experiments with 50 routers.
We propose BlockJack, a system based on a distributed and tamper-proof consortium Blockchain that aims at blocking IP prefix hijacking in the Border Gateway Protocol (BGP). In essence, BlockJack provides synchronization among BlockChain and BGP network through interfaces ensuring operational independence and this approach preserving the legacy system and accommodates the impact of a race condition if the Blockchain process exceeds the BGP update interval. BlockJack is also resilient to dynamic routing path changes during the occurrence of the IP prefix hijacking in the routing tables. We implement BlockJack using Hyperledger Fabric Blockchain and Quagga software package and we perform initial sets of experiments to evaluate its efficacy. We evaluate the performance and resilience of BlockJack in various attack scenarios including single path attacks, multiple path attacks, and attacks from random sources in the random network topology. The Evaluation results show that BlockJack is able to handle multiple attacks caused by AS paths changes during a BGP prefix hijacking. In experiment settings with 50 random routers, BlockJack takes on average 0.08 seconds (with a standard deviation of 0.04 seconds) to block BGP prefix hijacking attacks. The test result showing that BlockJack conservative approach feasible to handle the IP Prefix hijacking in the Border Gateway Protocol.