Title :
Argus: An accurate and agile system to detecting IP prefix hijacking
Author :
Xiang, Yang ; Wang, Zhiliang ; Yin, Xia ; Wu, Jianping
Author_Institution :
Tsinghua Nat. Lab. for Inf. Sci. & Technol. (TNList), Beijing, China
Abstract :
The de facto inter-domain routing protocol, Border Gateway Protocol (BGP), plays a critical role in the Internet routing reliability. Invalid routes generated by mis-configurations or malicious attacks will devastate the Internet routing system. In the near future, deploying a secure BGP in the Internet to completely prevent hijacking is impossible. As a result, lots of hijacking detection systems have emerged. However, they have more or less weaknesses such as long detection delay, high false alarm rate or deploy hardness. This paper proposes Argus, an agile system to fast and accurate detect prefix hijacking. Argus already keeps on running in the Internet for two months and identified several possible hijackings. Initial results show that it usually discovers a hijacking in less than ten seconds, and can significantly decrease the false alarm rate.
Keywords :
IP networks; Internet; protocols; telecommunication network reliability; telecommunication network routing; BGP; IP prefix hijacking; Internet routing reliability; agile system; border gateway protocol; de facto interdomain routing protocol; false alarm rate; Databases; Delay; IP networks; Internet; Routing; Routing protocols;
Conference_Titel :
Network Protocols (ICNP), 2011 19th IEEE International Conference on
Conference_Location :
Vancouver, BC
Print_ISBN :
978-1-4577-1392-7
DOI :
10.1109/ICNP.2011.6089080
