Title :
Detecting AS hijacking in one administrative domain
Author :
Chunxiu Li ; Yujie Ma ; Ke Li ; Xin Li ; Jiangang Zhou ; Shanzhi Chen
Author_Institution :
Beijing Univ. of Posts & Telecommun., Beijing, China
Abstract :
Due to the inherent design faults of the Border Gateway Protocol (BGP), BGP prefix hijacking remains a serious security threat to the Internet routing system. AS hijacking enables an attacker to pass the prefix ownership validation mechanism, it is more sophisticated than IP prefix hijacking. So far, many efforts have been done on the detection of prefix hijacking, however, AS hijacking has not received enough attention. This paper presents a system that is capable of detecting AS hijacking inside one administrative domain before they pollute a large number of external Autonomous Systems (ASes) on the Internet. Experiment results show that our proposed system can detect AS hijacking attacks with high accuracy and low detection latency. Furthermore, it is suitable for incremental deployment.
Keywords :
Internet; computer network security; routing protocols; AS hijacking detection; BGP; IP prefix hijacking; Internet routing system; administrative domain; border gateway protocol; external autonomous systems; low detection latency; prefix hijacking detection; prefix ownership validation mechanism; serious security threat; Accuracy; Detection algorithms; Internet; Monitoring; Real-time systems; Routing; Security; AS hijacking; BGP; Hijacking detection; Security;
Conference_Titel :
Communication Technology (ICCT), 2013 15th IEEE International Conference on
Conference_Location :
Guilin
DOI :
10.1109/ICCT.2013.6820405
