Analysis of prefix hijacking based on AS hierarchical model

BGP prefix hijacking is one of the main threatens for the Internet. It is important to identify the impact factors for prefix hijacking. This paper studies the problem from the view of AS logical topology by analysis of the data from the snapshots of CAIDA. We propose a hierarchical model based on AS relationship to classify the AS nodes into different level and define core size of each node to prioritize them in each level. Two metrics named infected number and infected diameter are introduced to analyze the relationship between the logical structural characters of AS node and the impact of prefix hijacking. The results show that core size, which reflects the relation of an AS node with Tier-1 AS nodes, and AS level are two main important factors. AS nodes in higher level or with bigger core size are able to infect more nodes. However, AS node in lower level has longer infected diameters. This phenomenon indicates that the prefix hijacking with attacker in lower level is harder to detect.