Title :
A Packet-Based Anomaly Detection Model for Inter-domain Routing
Author :
Cao, Huayang ; Wang, Miao ; Wang, Xiaoqiang ; Zhu, Peidong
Author_Institution :
Sch. of Comput., Nat. Univ. of Defense Technol., Changsha, China
Abstract :
The current implementation of BGP protocol has a variety of vulnerabilities and weakness. Monitoring BGPpsilas behavior is an effective way to improve the security of inter-domain routing. Due to the difficulty of obtaining routing tables from autonomous systems, a packet-based model for detecting routing anomalies is presented. This model contains data collectors, anomaly detection engine, routing information database and result visualization module. A rule-based approach is designed, and the combined usage of rules and routing information database is proved to be effective on improving the accuracy of detection. Experiment results show that model performs well in detecting various anomalies. The feasibility and validity of the detecting approach are demonstrated by the detailed description of the deployment and performance analysis.
Keywords :
Internet; security of data; telecommunication network routing; telecommunication security; BGP protocol; Internet; anomaly detection engine; data collectors; interdomain routing; packet-based anomaly detection model; result visualization module; routing information database; rule-based approach; security; Computer architecture; Data visualization; Information security; Internet; Monitoring; Real time systems; Routing protocols; Search engines; Traffic control; Visual databases; Anomaly Detection; Inter-domain Routing System; Real-time Monitoring; Rule-based Approach;
Conference_Titel :
Networking, Architecture, and Storage, 2009. NAS 2009. IEEE International Conference on
Conference_Location :
Hunan
Print_ISBN :
978-0-7695-3741-2
DOI :
10.1109/NAS.2009.41
