BGP Neighbor Trust Establishment Mechanism Based on the Bargaining Game

: The Border Gateway Protocol (BGP) is the standard inter-domain route protocol on the Internet. Autonomous System (AS) trafﬁc is forwarded by the BGP neighbors. In the route selection, if there are malicious or inactive neighbors, it will affect the network’s performance or even cause the network to crash. Therefore, choosing trusted and safe neighbors is an essential part of BGP security research. In response to such a problem, in this paper we propose a BGP Neighbor Trust Establishment Mechanism based on the Bargaining Game (BNTE-BG). By combining service quality attributes such as bandwidth, packet loss rate, jitter, delay, and price with bargaining game theory, it allows the AS to select trusted neighbors which satisfy the Quality of Service independently. When the trusted neighbors are forwarding data, we draw on the gray correlation algorithm to calculate neighbors’ behavioral trust and detect malicious or inactive BGP neighbors.


Introduction
Currently, the Border Gateway Protocol (BGP) [1] is the only inter-domain route protocol used on the Internet and is the key component of the Internet route infrastructure. However, the designers of the BGP did not initially consider security issues, which led to the BGP's security vulnerability [2]. Existing research [3][4][5][6][7] mostly protects Autonomous System (AS) traffic data by verifying the authenticity and integrity of routing information. However, how to confirm trusted neighbors is also an important issue. Neighbors play an important role in the BGP protocol. Due to the large scale and dynamic nature of the Internet, AS data must rely on neighbors to reach the destination network. If an AS establishes a neighbor relationship with a malicious/inactive AS, the AS data will not be forwarded efficiently. Malicious/inactive neighbors will restrict AS network traffic by setting routing policies [8]. For example, some inactive neighbors will adopt the "hot potato" [9] routing strategy to reduce the overhead caused by traffic passing through the domain and choose the fastest exit from the domain, regardless of its path length through other networks. Even malicious/inactive neighbors will launch malicious attacks, causing the AS network to paralyze. For example, in May 2004, DataOne, an internet service provider in Malaysia, announced to its neighbors the prefix of Yahoo's data center in Santa Clara, California, which caused the network of neighbors to go down. Therefore, establishing a safe and trusted neighbor relationship is a key issue in BGP security research.
In researching about the BGP neighbor trust establishment mechanism, we must first realize that deploying any security mechanism on the BGP will have a certain impact on it. Therefore, it should be easy to deploy and achieve security protection. Easy to deploy means that the security mechanism added to the BGP should minimize the impact on it, such as increased storage and resource overhead, the impact of convergence time, and scalability. Security protection means that it should allow the arbitrary AS to establish

Related Work
To date, there have been many studies on BGP security, which are mainly divided into BGP security extension and abnormal route detection. The main research results in BGP security extension are Secure BGP (S-BGP) [3], secure origin BGP (soBGP) [4], and pretty security (psBGP) [5]. The most complete and representative work is S-BGP. S-BGP protocol uses digital certificates and digital signatures to verify the credibility of routing information. Although these solutions can effectively guarantee BGP security, they have not been implemented on the Internet due to difficulties in deployment.
Anomaly detection is one of the methods to protect BGP route security. The core work of anomaly detection is to diagnose and analyze the characteristics of abnormal behavior on the network, and then identify the abnormal behavior and information and send an alarm to the victim. The main research results in this field are Prefix Hijack Alert System (PHAS) [21] and iSPY [22]. Although anomaly detection can detect incorrect routes from route information, it cannot prevent malicious ASes from declaring untrusted routes again. The detection result also depends on the attack feature extraction algorithm and route data set, and there will be certain errors.
Simultaneously, more and more researchers have proposed methods to solve BGP security problems from the perspective of identifying trusted ASes. It is a feasible method besides security extension and anomaly detection. One study [10] shows that the reputation mechanism has an incentive effect, effectively reducing the propagation speed of false information and inhibiting deceptive behavior. The inter-domain routing system has the conditions to establish a reputation mechanism. Yu et al. [11] proposed a distributed reputation protocol for cooperation between ASes. The key idea is to simulate the trust relationship in the real world, where an AS can selectively receive information collected from neighbors. Konte et al. [12] proposed the AS reputation system, ASwatch, which can identify a malicious AS by monitoring the credibility of its behavior. Experimental results show that ASwatch can detect 93% of malicious ASes, and the false alarm rate is only 5%. Siganos [13] proposed a neighbor watch method, where ASes form a trusted group and monitor abnormal ASes by exchanging information and querying abnormal results. Literature [14] proposed the AS-TRUST mechanism. This analyzes the collected update messages and forms different types of feedback, and then uses the Bayes algorithm to calculate the reputation of a global AS.
Inter-domain trust technology is a lightweight solution with good implementation capability. At the same time, it can incentivize legitimate ASes to punish malicious ASes and improve overall inter-domain security. In recent years, it has received increasing attention from researchers

Related Definitions
To facilitate the introduction of our mechanism, this section provides the relevant concepts and definitions. Definition 1. The service quality attribute vector is the attribute index used to describe the Quality of Service (QoS) and price. It comprises bandwidth, packet loss rate, jitter, delay, and price. We mark it as X = {x 1 , x 2 , x 3 , x 4 , x 5 } ={bandwidth, packet loss rate, jitter, delay, price}. For attributes such as bandwidth, the larger they are, the better the QoS. We call them benefit attributes x i . For attributes such as packet loss rate, jitter, and delay, the smaller they are, the better the QoS. We call them cost attributes x j . To facilitate implementation, we classify the "price" attribute as the cost attribute.

Definition 2.
The BGP trusted neighbor refers to neighbor routers that provide QoS, which is within the acceptable range.

Bargaining Game Model
This section draws on the bargaining game model. The bargaining model is made of seven tuples of the form <seller, buyer, X acc , X pro , U n , δ n , T n >. Here, seller represents the owner of the resource; buyer represents the requester of good QoS; X acc represents the range of acceptable service quality attribute vector for the buyer; X pro represents the range of service quality attribute vector that the seller can provide; U n represents buyer's or seller's payoffs; δ n represents buyer or seller's negotiation ability; and T n represents buyer's or seller's number of quotations. A bargaining game consists of three steps-setup system parameter, quote, and dicker judgment-as follows: 1.
Setup System Parameter. buyer sets the service quality attribute vector range X acc . seller sets the service quality attribute vector range X pro . X acc and X pro are private information and will not be disclosed to the public.

2.
Quote. Within the number of quotations T n , given X acc /X pro , δ n and the current quotation number t n (t n ≤ T n ), buyer/seller generates the t n th service quality attribute quotation vector X (t n ) , n ∈ {seller, buyer}.

3.
Dicker Judgment. Within the number of quotations T n , given the service quality attribute quotation vector X (t n ) , buyer/seller calculates the payoff U n . When U n is greater than or equal to the expected payoff, it outputs "True". The negotiation is successful and the game ends. When U n is less than the expected payoff, it outputs "False". The negotiation continues. 4.
If the buyer and seller fail to reach an agreement within the deadline, the negotiation ends.

BNTE-BG Mechanism
In the BGP neighbor establishment process, first, ASes with different AS numbers complete the TCP connection at the transport layer and then exchange the parameters through the Finite State Machine (FSM). We will combine the bargaining game model with the first stage of BGP neighbor establishment, proposing BNTE-BG. The mechanism process is as follows: 1.
System Initialization. The BGP router sets the service quality attribute vector range X acc and X pro independently. X acc = X acc min , X acc max represents the range of service quality attributes that the BGP router can accept. X acc min = x acc 1min , x acc 2min , x acc 3min , x acc 4min , x acc 5min represents the minimum value of each service quality attribute that can be accepted. X acc max = x acc 1max , x acc 2max , x acc 3max , x acc 4max , x acc 5max represents the maximum value of each service quality attribute that can be accepted. X pro = X pro min , X pro max represents the range of service quality attributes that the BGP router can provide [23].
, and x 5 are defined as in Section 3.1.
Simultaneously, the BGP router sets u req and u agr . u req is the neighbor trust establishment requester's expected payoff. u agr is the neighbor trust establishment agreer's expected payoff.

2.
The BGP Neighbor Trust Establishment Process. We suppose that AS 1 wants to establish a trusted neighbor relationship with its adjacent AS 2 . AS 1 is the neighbor trust establishment requester, with the service quality attribute vector range X acc AS 1 , the negotiation ability δ AS 1 and the expected payoff u req AS 1 . AS 2 is the neighbor trust establishment agreer, with the service quality attribute vector range X pro AS 2 , the negotiation ability δ AS 2 , and the expected payoff u agr AS 2 . The number of quotations for AS 1 /AS 2 is T AS 1 /T AS 2 . In order to better describe the process, we take T AS 1 = T AS 2 = 1. The implementation of BNTE-BG is shown in Figure 1 and Algorithm 1: Step 1: First, AS 1 initiates a neighbor trust establishment request to AS 2 . It uses the service quality attribute vector range X acc AS 1 , the current quotation number t AS 1 and the negotiation ability δ AS 1 to generate the service quality attribute quotation vector X (1) through the quote strategy function Quote _req . Then AS 1 adds it to the TCP message and sends it to AS 2 .
Step 2: When AS 2 receives the new TCP message from AS 1 , it extracts the service quality attribute quotation vector X (1) . It calculates the payoff, then judges whether AS 1 's X (1) satisfy the expected payoff u agr AS 2 . If it does, AS 2 outputs "Establish neighbor". If not, it uses the service quality attribute vector range X pro AS 2 , the current quotation number t AS 2 , and the negotiation ability δ AS 2 to generate the service quality attribute quotation vector X (1) through the quote strategy function Quote _agr . Then AS 2 adds it to the TCP message and sends to AS 1 .
Step 3: When AS 1 receives the new TCP message from AS 2 , it extracts the service quality attribute quotation vector X (1) . It calculates the payoff, then judges whether AS 2 's X (1) satisfy the expected payoff u req AS 1 . If it does, AS 1 outputs "Establish neighbor". If not, it outputs "Establish neighbor failed".

2021, 12, x FOR PEER REVIEW
/ is / . In order to better describe the pr The implementation of BNTE-BG is shown in Figure   Figure 1. BNTE-BG flowchart.
Step 1: First, initiates a neighbor trust establishment r The functions involved in Algorithm 1 are described as follows: • Send indicates that the BGP router sends its service quality attribute quotation vector to the adjacent BGP router.

•
Quote _req X acc AS 1 , t AS 1 , δ AS 1 indicates that AS 1 performs t AS 1 th quotation to generate the service quality attribute quotation vector X (t AS 1 ) .

•
Quote _agr X pro AS 2 , t AS 2 , δ AS 2 indicates that AS 2 performs t AS 2 th quotation to generate the service quality attribute quotation vector X (t AS 2 ) . • U _req X (t AS 2 ) , X acc AS 1 indicates that AS 1 obtains the payoff accepting the service quality attribute quotation vector pro AS 2 indicates that AS 2 obtains the payoff accepting the service quality attribute quotation vector X (t AS 1 ) . • Dick(U, u) indicates that AS 1 /AS 2 determines whether to establish a neighbor relationship.

Implementation of BNTE-BG Mechanism
This section explains the implementation of the functions in the BNTE-BG. AS 1 and The quote strategy function Quote _req X acc AS 1 , t AS 1 , δ AS 1 is implemented as follows: When AS 1 wants to send the t AS 1 th quotation to AS 2 , it calls Quote _req X acc AS 1 , t AS 1 , δ AS 1 to generate the t AS 1 th service quality attribute quotation vector Calculate the cost attribute quotation x (t AS 1 ) j as Formula (2) x (t AS 1 ) j = x acc jmin AS 1 where i + j = 5, 0 < δ AS 1 < 1, 0 < k < 1, concession factor k, and δ AS 1 are set by AS 1 .

•
The quote strategy function Quote _agr X pro AS 2 , t AS 2 , δ AS 2 is implemented as follows: When AS 2 wants to send the t AS 2 th quotation to AS 1 , it calls Quote _agr X pro AS 2 , t AS 2 , δ AS 2 to generate the t AS 2 th service quality attribute quotation vector Calculate the cost attribute quotation x (t AS 2 ) j as Formula (4) x where i + j = 5, 0 < δ AS 2 < 1, 0 < k < 1, concession factor k, and δ AS 2 are set by AS 2 .
• The payoff function U _agr X (t AS 1 ) , X pro AS 2 and dicker judgment function Dick(U, u) are implemented as follows: When AS 2 receives the service quality attribute quote vector X (t AS 1 ) , it calls Dick(U, u) to judge whether to establish a neighbor relationship.
Step 1: Call U _agr X (t AS 1 ) , X pro AS 2 function to generate the total payoff U agr . For the benefit attribute x i , the payoff of AS 2 is calculated as Formula (5) For the cost attribute x j , the payoff of AS 2 is calculated as Formula (6) Standardized processing: Calculate the total payoff of AS 2 as Formula (7) U arg = ∑ 5 e=1 ∆v e AS 2 * w e where W = w 1 , w 2 , w 3 , w 4 , w 5 represents AS 2 's private preference for service quality attributes. It is set by AS 2 .
Step 2: Call Dick U agr , u agr AS 2 to determine whether to establish a neighbor relationship.
The payoff function U _req X (t AS 2 ) , X acc AS 1 and dicker judgment function Dick(U, u) are implemented as follows: When AS 1 receives the service quality attribute quote vector X (t AS 2 ) , it calls Dick(U, u) to judge whether to establish a neighbor relationship.
Step 1: Call U _req X (t AS 2 ) , X pro AS 2 function to generate the total payoff U req . For benefit attribute x i , the payoff of AS 1 is calculated as Formula (8) For cost attribute x j , the payoff of AS 1 is calculated as Formula (9) Standardized processing: Calculate the total payoff of AS 1 as Formula (10) where W = w 1 , w 2 , w 3 , w 4 , w 5 represents AS 1 's private preference for service quality attributes, It is set by AS 1 .
Step 2: Call Dick U req , u req AS 1 to determine whether to establish a neighbor relationship.
Therefore, as long as AS follows the BNTE-BG mechanism during the neighbor establishment process, it can be guaranteed to establish a neighbor relationship with the trusted AS. The quote strategy function is based on the premise that AS is rational and willing to cooperate.

The Detection Mechanism of the BGP Malicious/Inactive Neighbors
This section mainly presents the detection algorithm of AS and the BGP malicious/inactive neighbors' detection process.

Definition 3.
Behavioral trust is the credibility of BGP neighbors' behavior when trusted neighbors forward data every time, denoted by γ (0 < γ ≤ 1).

Detection Process
Let us assume AS 1 and AS 2 have established a trusted neighbor relationship through the process described in Section 3. X succ = x succ 1 , x succ 2 , x succ 3 , x succ 4 , x succ 5 represents their agreement on bandwidth, packet loss rate, jitter, delay, and price. At this time, AS 1 needs to calculate AS 2 's behavioral trusts and checks whether it is a malicious/inactive neighbor. The specific process is as follows: Step 1: AS 1 collects the data set of bandwidth, packet loss rate, jitter, and delay when AS 2 forwards AS 1 traffic T times. The data set is marked as [X] T = X 1 , X 2 . . . X T .
Step 2: AS 1 draw on the gray correlation algorithm to calculate the AS 2 's behavioral trust γ T . Since x 2 , x 3 , and x 4 are the cost attributes, to facilitate calculation, we use the worst packet loss rate R, the largest jitter J, and the longest delay D in the actual network to process data with the same attributes in the data set [X] T . The detection algorithm is Algorithm 2.
Step 3: If behavioral trusts are all within the normal range, AS 1 and AS 2 continue to maintain the trusted neighbor relationship. If the behavioral trust γ T appears abnormal, go to Step4.
Step 4: AS 1 sends a warning to AS 2 and sets the number of forwarding ∆ T . AS 1 continues to calculate the AS 2 's behavioral trusts when it forwards ∆T times.
Step 5: If behavioral trusts are all within the normal range, AS 1 and AS 2 continue to maintain the trusted neighbor relationship. If γ ∆T still appears abnormal, AS 1 judges AS 2 as the malicious/inactive neighbor. Then, AS 1 stops paying AS 2 and filters the routing information announced/forwarded by AS 2 .

Simulation and Efficiency Analysis
This section mainly discusses the efficiency of the BNTE-BG mechanism and the detection algorithm's correctness. In terms of correctness, we mainly investigate whether the detection algorithm can correctly describe neighbors' behavior. In terms of efficiency, we consider storage increment and average convergence time. Storage increment includes the message increment and storage overhead. In terms of route average convergence time, we mainly consider the number of neighbor establishments, the number of quotations and the time spent, and the number of dicker judgments and the time spent.

Correctness
Correctness means that the detection algorithm can effectively describe whether the trusted neighbor's behaviors meet the negotiation agreement. The AS can judge malicious/inactive neighbors by the detection result. The experimental scene settings are as follows: the neighbor trust establishment requester AS 1 and the neighbor trust establishment agreer AS 2 have successfully established a trusted neighbor relationship through the BNTE-BG mechanism, and AS 2 has forwarded data T = 7 times. Negotiation agreement is X succ = x succ 1 , x succ 2 , x succ 3 , x succ 4 , x succ 5 = {50, 0.1, 15, 60, 300}. R = 1, J = 200 ms, D = 500 ms, θ = 0.3. Table 1 shows the data set collected by AS 1 .  Figure 2 shows the changes in AS 2 's behavioral trusts, which are (1, 1, 0.8331, 0.8729, 0.4998, 0.3126, 0.2557). In the first and second forwardings, AS 2 's service fully meets the negotiation agreement, and the behavioral trusts are 1. In the third, fourth, and fifth forwardings, the service provided by AS 2 could not fully meet the negotiation agreement. Among them, in the third and fourth forwardings, the service provided by AS 2 is not much different from the negotiation agreement, and AS 2 's behavioral trusts are greater than 0.8. In the fifth forwarding, the AS 2 's service is too far away from the negotiation agreement, and the behavioral trust is less than 0.5. In the sixth and seventh forwardings, the AS 2 's service completely deviates from the negotiation agreement, and the behavioral trusts are only about 0.3. During the entire period, the quality of services provided by AS 2 gradually declined, and AS 2 's behavioral trusts also gradually decreased. The results show that our detection algorithm can effectively characterize the behavior of AS 2 . When AS 1 detects that the sixth and seventh time's behavior trusts are too low, it could issue a warning to AS 2 to further verify whether it is a malicious neighbor. The AS 1 can also analyze the bandwidth and packet loss rate of the sixth and seventh forwarding to determine whether the AS 2 is a malicious/inactive neighbor. Due to the limited length of this paper, no more experiments will be carried out.
Information 2021, 12, x FOR PEER REVIEW 10 of 14 Figure 2 shows the changes in 's behavioral trusts, which are (1, 1, 0.8331, 0.8729, 0.4998, 0.3126, 0.2557). In the first and second forwardings, 's service fully meets the negotiation agreement, and the behavioral trusts are 1. In the third, fourth, and fifth forwardings, the service provided by could not fully meet the negotiation agreement. Among them, in the third and fourth forwardings, the service provided by is not much different from the negotiation agreement, and 's behavioral trusts are greater than 0.8. In the fifth forwarding, the 's service is too far away from the negotiation agreement, and the behavioral trust is less than 0.5. In the sixth and seventh forwardings, the 's service completely deviates from the negotiation agreement, and the behavioral trusts are only about 0.3. During the entire period, the quality of services provided by gradually declined, and 's behavioral trusts also gradually decreased. The results show that our detection algorithm can effectively characterize the behavior of . When detects that the sixth and seventh time's behavior trusts are too low, it could issue a warning to to further verify whether it is a malicious neighbor. The can also analyze the bandwidth and packet loss rate of the sixth and seventh forwarding to determine whether the is a malicious/inactive neighbor. Due to the limited length of this paper, no more experiments will be carried out.

Storage Increment
First, we consider the increase in the TCP message's length after adding the BNTE-BG mechanism. Because the BNTE-BG mechanism adds service quality attribute negotiation to the first stage of neighbor establishment, it is necessary to add a service quality

Storage Increment
First, we consider the increase in the TCP message's length after adding the BNTE-BG mechanism. Because the BNTE-BG mechanism adds service quality attribute negotiation to the first stage of neighbor establishment, it is necessary to add a service quality attribute quotation vector to the TCP message, which will cause message expansion. The service quality attributes contain the bandwidth, packet loss rate, delay, jitter, and price. Each attribute occupies one byte. Therefore, the TCP message's length in the BNTE-BG mechanism is 5 bytes longer than that of the BGP.
Secondly, in storage overhead, the AS guarantees data service quality by negotiating with the adjacent AS in BNTE-BG. Therefore, each BGP router only needs 20 bytes to store the service quality attribute vector range (X acc and X pro ). Table 2 shows us the storage increment of the BNTE-BG mechanism. From Table 2, we can see that the storage increment of the BNTE-BG mechanism is very small, so the burden on BGP routers will not be great.

Average Convergence Time
In the BNTE-BG mechanism, we add the service quality attribute quotations and payoffs calculations during the TCP three-way handshake, which will cause a time delay. Therefore, adding the BNTE-BG mechanism to the BGP will have an impact on the convergence time. The average convergence time is related to the number of neighbor establishment instances #sum, the number of quotations #quote, the time spent in quotation calculation t quote , the number of dicker judgments #dick, and the time spent in dicker judgment t dick , etc. Assuming that the number of ASes in the network topology is N, the maximum number of neighbor establishment times are #sum = N * (N−1) 2 , N ≥ 2. In the BGP protocol neighbor establishment process, after the TCP connection is completed at the transport layer, it needs to exchange parameters through FSM. If exchanging parameters fails, the neighbor establishment will fail. Thus, a successful neighbor establishment has a probably. Assuming that the probability of a successful FSM is p, then the convergence time increment model is as follows: where ∆Time represents the increase in convergence time after adding the BNTE-BG mechanism to the BGP.
Before the average convergence time experiment, we analyze the influence of concession factor k, the negotiation ability δ and, the number of quotations T on k + (1 − k) * (t/T) δ representing the concession of AS.
The experimental results are shown in Figure 3; the greater the value of k, the greater the concession that AS will make, but the lower the concession rate.
The experimental results are shown in Figure 3; the greater th the concession that AS will make, but the lower the concession rat By setting k = 0.4, we respectively examined the changes of der = 3, = 5 and = 7. The experimental results are shown in Figure 4; the fewer the the greater the concession and concession rate of AS. The experimental results are shown in Figure 4; the fewer the number of quotations, the greater the concession and concession rate of AS.   Figure 5; the greater the val the concession that AS will make. When = 0.1, + (1 − ) * ( ⁄ ) rapidly and then tends to level off. When = 0.9, + (1 − ) * ( ⁄ steady speed. Therefore, can be divided into two types. When 0 < We set k = 0.4 and examined the changes of k + (1 − k) * (t/T) δ under δ = 0.1, δ = 0.5, and δ = 0.9.
The experimental results are shown in Figure 5; the greater the value of δ, the greater the concession that AS will make. When δ = 0.1, k + (1 − k) * (t/T) δ initially increases rapidly and then tends to level off. When δ = 0.9, k + (1 − k) * (t/T) δ increases at a steady speed. Therefore, AS can be divided into two types. When 0 < δ < 0.5, the AS is eager to establish neighbor relations. When 0.5 ≤ δ < 1, the AS is calm and has enough patience to negotiate. = 0.5, and = 0.9. The experimental results are shown in Figure 5; the greater the val the concession that AS will make. When = 0.1, + (1 − ) * ( ⁄ ) rapidly and then tends to level off. When = 0.9, + (1 − ) * ( ⁄ steady speed. Therefore, can be divided into two types. When 0 < eager to establish neighbor relations. When 0.5 ≤ < 1, the AS is cal patience to negotiate. In the average convergence time experiment, we use the CAIDA I pology Dataset [24] and extract some subgraphs from it for experimen rameters were set as follows: the link delay was 0.6 s, = 0.9, = 0.7, The purpose of the experiment is to investigate the changes in the av time of BNTE-BG, BGP, and NS-BGP mechanisms as the size of the AS The experimental results are shown in Figure 6. In the average convergence time experiment, we use the CAIDA IPv4 Routed/24 Topology Dataset [24] and extract some subgraphs from it for experiments. The specific parameters were set as follows: the link delay was 0.6 s, p = 0.9, δ = 0.7, k = 0.5, and T = 3. The purpose of the experiment is to investigate the changes in the average convergence time of BNTE-BG, BGP, and NS-BGP mechanisms as the size of the AS topology changes. The experimental results are shown in Figure 6. As the topology's scale expands and the number of neighbor creases, the average convergence time of the BNTE-BG mechanism, As the topology's scale expands and the number of neighbor establishments increases, the average convergence time of the BNTE-BG mechanism, BGP, and NS-BGP mechanism gradually increases. At the same time, the convergence speed of the BNTE-BG mechanism and the NS-BGP mechanism decreases. Because the BNTE-BG mechanism adds quotations and payoffs calculations during the neighbor establishment phase, the average convergence time is longer than that of the BGP. NS-BGP needs a special route for each neighbor, and the average convergence time will be longer than that of the BGP. Unlike NS-BGP, which requires special calculations for the needs of each neighbor, the BNTE-BG mechanism only needs to negotiate at a fixed time, so the average convergence time of the BNTE-BG mechanism is less than that of NS-BGP. Experimental results show that the BNTE-BG mechanism has better convergence than the NS-BGP mechanism.

Conclusions
The secure establishment of neighbors in the BGP is an important issue of BGP security. Research resources are scarce, and an easily deployed neighbor trust establishment mechanism is still an important research direction. Therefore, this paper proposes a BGP neighbor trust establishment mechanism based on the bargaining game, BNTE-BG, which combines the bargaining game model with bandwidth, delay, jitter, packet loss rate, and price. It allows ASes to choose trusted neighbors that meet route security requirements flexibly and ultimately achieves network security. When the trusted neighbor is working, we use the gray correlation algorithm to calculate the behavioral trust of the trusted neighbor, and effectively detect malicious/inactive neighbors. The BNTE-BG mechanism has the advantages of less storage increment, less modification of the BGP protocol content, and easier implementation in networks with complex business relationships. Based on analysis of correctness experiments, the detection algorithm can effectively detect malicious/inactive neighbors. Our future research will further expand the service quality attributes, such as adding the attribute "geographic location", so that ASes can select trusted neighbors in more detail.

Conflicts of Interest:
The authors declare no conflict of interest.