论文信息 - Detecting AS hijacking in one administrative domain

Detecting AS hijacking in one administrative domain

Due to the inherent design faults of the Border Gateway Protocol (BGP), BGP prefix hijacking remains a serious security threat to the Internet routing system. AS hijacking enables an attacker to pass the prefix ownership validation mechanism, it is more sophisticated than IP prefix hijacking. So far, many efforts have been done on the detection of prefix hijacking, however, AS hijacking has not received enough attention. This paper presents a system that is capable of detecting AS hijacking inside one administrative domain before they pollute a large number of external Autonomous Systems (ASes) on the Internet. Experiment results show that our proposed system can detect AS hijacking attacks with high accuracy and low detection latency. Furthermore, it is suitable for incremental deployment.

[1] Yakov Rekhter,et al. A Border Gateway Protocol 4 (BGP-4) , 1994, RFC.

[2] Randy Bush,et al. iSPY: Detecting IP Prefix Hijacking on My Own , 2008, IEEE/ACM Transactions on Networking.

[3] Ratul Mahajan,et al. Understanding BGP misconfiguration , 2002, SIGCOMM 2002.

[4] Dan Pei,et al. A light-weight distributed scheme for detecting ip prefix hijacks in real-time , 2007, SIGCOMM 2007.

[5] Dan Pei,et al. A light-weight distributed scheme for detecting ip prefix hijacks in real-time , 2007, SIGCOMM '07.

[6] Stephen T. Kent,et al. Secure Border Gateway Protocol (S-BGP) , 2000, IEEE Journal on Selected Areas in Communications.

[7] Geoff Huston,et al. Validation of Route Origination Using the Resource Certificate Public Key Infrastructure (PKI) and Route Origin Authorizations (ROAs) , 2012, RFC.

[8] Yang Xiang,et al. Detecting prefix hijackings in the internet with argus , 2012, Internet Measurement Conference.

[9] Georg Carle,et al. A forensic case study on as hijacking: the attacker's perspective , 2013, CCRV.

[10] Daniel Massey,et al. PHAS: A Prefix Hijack Alert System , 2006, USENIX Security Symposium.

[11] Evangelos Kranakis,et al. On interdomain routing security and pretty secure BGP (psBGP) , 2007, TSEC.

[12] Jinjing Zhao,et al. Model construction on prefix hijacking attack , 2012, 2012 IEEE 14th International Conference on Communication Technology.