DocumentCode :
263565
Title :
Inter-AS routing anomalies: Improved detection and classification
Author :
Wubbeling, Matthias ; Meier, Markus ; Elsner, Till
Author_Institution :
Fraunhofer FKIE, Univ. of Bonn, Bonn, Germany
fYear :
2014
fDate :
3-6 June 2014
Firstpage :
223
Lastpage :
238
Abstract :
Based on the interconnection of currently about 45,000 Autonomous Systems (ASs) the Internet and its routing system in particular is highly fragile. To exchange inter-AS routing information, the Border Gateway Protocol (BGP) is used since the very beginning, and will be used for the next years, even with IPv6. BGP has many weaknesses by design, of which the implicit trust of ASs to each other AS is the most threatening one. Although this has been topic on network security research for more than a decade, the problem still persists with no solution in sight. This paper contributes a solution to stay up to date concerning inter-AS routing anomalies based on a broad evidence collected from different publicly available sources. Such an overview is necessary to question and to rely on the Internet as a basis in general and must be a part of every cyber defense strategy. Existing methods of detecting inter-AS routing anomalies result in large sets of real time routing anomalies, based on the evaluation of routing announcements collected from different viewpoints. To decide, whether a detected anomaly is harmful or not, each of them has to be classified and correlated to others. We combine various detection methods and improve them with additional publicly available information. The improved outcome of the implemented routing anomaly detection system is used as input for our classification algorithms.
Keywords :
IP networks; Internet; computer network security; routing protocols; trusted computing; BGP; IPv6; Internet; anomaly detection system; autonomous systems; border gateway protocol; implicit trust; interAS routing anomalies; network security; Educational institutions; IP networks; Internet; Reliability; Routing; Routing protocols; Security; Anomaly Detection; Autonomous Systems; BGP; Internet; Routing;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Cyber Conflict (CyCon 2014), 2014 6th International Conference On
Conference_Location :
Tallinn
ISSN :
2325-5366
Print_ISBN :
978-9949-9544-0-7
Type :
conf
DOI :
10.1109/CYCON.2014.6916405
Filename :
6916405
Link To Document :
بازگشت