Emulation on the Internet Prefix Hijacking Attack Impaction

There have been many incidents of IP prefix hijacking by BGP protocol in the Internet. Attacks may hijack victim's address space to disrupt network services or perpetrate malicious activities such as spamming and DoS attacks without disclosing identity. The relation between network topology and prefix hijacking influence is presented for all sorts of hijacking events in different Internet layers. The impaction parameter is analyzed for typical prefix hijacking events in different layers. A large Internet emulation environment is constructed and the attack impaction of IP prefix hijacking events are evaluated. The results assert that the hierarchical nature of network influences the prefix hijacking greatly.

[1]  Sharon Goldberg,et al.  How secure are secure interdomain routing protocols , 2010, SIGCOMM '10.

[2]  Joseph Kee-yin Ng,et al.  Extensions to BGP to Support Secure Origin BGP , 2004 .

[3]  Volker Roth,et al.  Listen and whisper: security mechanisms for BGP , 2004 .

[4]  Ramesh Govindan,et al.  An analysis of Internet inter-domain topology and route stability , 1997, Proceedings of INFOCOM '97.

[5]  Shuyuan Mary Ho,et al.  A Thief among Us: The Use of Finite-State Machines to Dissect Insider Threat in Cloud Communications , 2012, J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl..

[6]  Jennifer Rexford,et al.  MIRO: multi-path interdomain routing , 2006, SIGCOMM 2006.

[7]  A. Terzis,et al.  Efficient Techniques for Detecting False Origin Advertisements in Inter-domain Routing , 2006, 2006 2nd IEEE Workshop on Secure Network Protocols.

[8]  J.J. Garcia-Luna-Aceves,et al.  Securing the border gateway routing protocol , 1996, Proceedings of GLOBECOM'96. 1996 IEEE Global Telecommunications Conference.

[9]  Zhuoqing Morley Mao,et al.  Accurate Real-time Identification of IP Prefix Hijacking , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[10]  Feng Zhao,et al.  The Relation on Prefix Hijacking and the Internet Hierarchy , 2012, 2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing.

[11]  Dan Pei,et al.  A light-weight distributed scheme for detecting ip prefix hijacks in real-time , 2007, SIGCOMM 2007.

[12]  Sean W. Smith,et al.  Aggregated path authentication for efficient BGP security , 2005, CCS '05.

[13]  Jennifer Rexford,et al.  Pretty Good BGP: Improving BGP by Cautiously Adopting Routes , 2006, Proceedings of the 2006 IEEE International Conference on Network Protocols.

[14]  Lixia Zhang,et al.  Understanding Resiliency of Internet Topology against Prefix Hijack Attacks , 2007, 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'07).

[15]  Constantinos Dovrolis,et al.  Beware of BGP attacks , 2004, CCRV.

[16]  Lixin Gao,et al.  Hierarchical structure of the logical Internet graph , 2001, SPIE ITCom.

[17]  Daniel Massey,et al.  PHAS: A Prefix Hijack Alert System , 2006, USENIX Security Symposium.

[18]  Patrick D. McDaniel,et al.  A Survey of BGP Security Issues and Solutions , 2010, Proceedings of the IEEE.

[19]  Stephen T. Kent,et al.  Secure Border Gateway Protocol (S-BGP) , 2000, IEEE Journal on Selected Areas in Communications.

[20]  Tony Tauber,et al.  BGP Security Requirements , 2008 .