AS-TRUST: A Trust Characterization Scheme for Autonomous Systems in BGP

Penn collection
Technical Reports (CIS)
Chang, Jian
Venkatasubramanian, Krishna K.
West, Andrew G.

Border Gateway Protocol (BGP) works by frequently exchanging updates, which disseminate reachability information (RI) about IP prefixes (i.e., address blocks) between Autonomous Systems (ASes) on the Internet. The current operation of BGP implicitly trusts the ASes to disseminate valid (accurate, stable and routing policy compliant) RI. This assumption is problematic, as demonstrated by the recent documented instances of invalid RI dissemination. This paper presents AS-TRUST, a scheme which comprehensively characterizes the trustworthiness of ASes with respect to disseminating valid RI. AS-TRUST quantifies trust using the notion of reputation. To compute reputation, AS-TRUST evaluates the past RI received for validity, based on a set of well-defined properties. It then classifies the resulting observations into multiple types of feedback. The feedback is used by a reputation function to compute a probabilistic view of AS trustworthiness. The contributions of the paper are: (1) a comprehensive trust characterization of ASes; (2) a set of well-defined properties for evaluating the validity of RI provided by ASes; and (3) a novel and theoretically sound reputation computation mechanism. Our implementation of the AS-TRUST scheme using publicly available BGP traces demonstrates that the number of ASes involved in violating the BGP operational trust assumption is significant, that dissemination of invalid RI is consistently present, and that the proposed reputation mechanism is sensitive enough to capture even rare instances of an AS's deviation from trustworthy behavior.

University of Pennsylvania Department of Computer and Information Science Technical Report No. MS-CIS-10-25.