Name
Abstract | ||
|---|---|---|
IP prefix hijacking remains a major threat to the security of the Internet routing system due to a lack of authoritative prefix ownership information. Despite many efforts in designing IP prefix hijack detection schemes, no existing design can satisfy all the critical requirements of a truly effective system: real-time, accurate, lightweight, easily and incrementally deployable, as well as robust in victim notification. In this paper, we present a novel approach that fulfills all these goals by monitoring network reachability from key external transit networks to one's own network through lightweight prefix-owner-based active probing. Using the prefix-owner's view of reachability, our detection system, iSPY, can differentiate between IP prefix hijacking and network failures based on the observation that hijacking is likely to result in topologically more diverse polluted networks and unreachability. Through detailed simulations of Internet routing, 25-day deployment in 88 autonomous systems (ASs) (108 prefixes), and experiments with hijacking events of our own prefix from multiple locations, we demonstrate that iSPY is accurate with false negative ratio below 0.45% and false positive ratio below 0.17%. Furthermore, iSPY is truly real-time; it can detect hijacking events within a few minutes. |
Year | DOI | Venue |
|---|---|---|
2010 | 10.1109/TNET.2010.2066284 | IEEE/ACM Transactions on Networking |
Keywords | Field | DocType |
hijacking event,ip prefix hijacking,diverse polluted network,detection system,bgp,routing,prefix hijacking,effective system,autonomous system,detection,authoritative prefix ownership information,internet routing system,key external transit network,own prefix,internet,satisfiability,false positive,computer network security,topology,real time systems,internet routing,real time | Computer science,Network security,Computer network,IP hijacking,Prefix,Reachability,Autonomous system (mathematics),Autonomous system (Internet),IP forwarding,Distributed computing,The Internet | Journal |
Volume | Issue | ISSN |
18 | 6 | 1063-6692 |
Citations | PageRank | References |
49 | 1.66 | 33 |
Authors | ||
5 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Zheng Zhang | 1 | 337 | 23.77 |
| Ying Zhang | 2 | 419 | 28.64 |
| Y. Charlie Hu | 3 | 3357 | 181.75 |
| Zhuoqing Morley Mao | 4 | 5719 | 363.11 |
| Randy Bush | 5 | 468 | 41.69 |