Argus: An accurate and agile system to detecting IP prefix hijacking

Author

Xiang, Yang ; Wang, Zhiliang ; Yin, Xia ; Wu, Jianping

Author_Institution

Tsinghua Nat. Lab. for Inf. Sci. & Technol. (TNList), Beijing, China

fYear

2011

fDate

17-20 Oct. 2011

Firstpage

43

Lastpage

48

Abstract

The de facto inter-domain routing protocol, Border Gateway Protocol (BGP), plays a critical role in the Internet routing reliability. Invalid routes generated by mis-configurations or malicious attacks will devastate the Internet routing system. In the near future, deploying a secure BGP in the Internet to completely prevent hijacking is impossible. As a result, lots of hijacking detection systems have emerged. However, they have more or less weaknesses such as long detection delay, high false alarm rate or deploy hardness. This paper proposes Argus, an agile system to fast and accurate detect prefix hijacking. Argus already keeps on running in the Internet for two months and identified several possible hijackings. Initial results show that it usually discovers a hijacking in less than ten seconds, and can significantly decrease the false alarm rate.

Keywords

IP networks; Internet; protocols; telecommunication network reliability; telecommunication network routing; BGP; IP prefix hijacking; Internet routing reliability; agile system; border gateway protocol; de facto interdomain routing protocol; false alarm rate; Databases; Delay; IP networks; Internet; Routing; Routing protocols;

fLanguage

English

Publisher

ieee

Conference_Titel

Network Protocols (ICNP), 2011 19th IEEE International Conference on

Conference_Location

Vancouver, BC

Print_ISBN

978-1-4577-1392-7

Type

conf

DOI

10.1109/ICNP.2011.6089080

Filename

6089080