Abstract
BGP prefix hijacking remains a serious security threat to the Internet. Despite many detection mechanisms have been proposed, few of them are practically deployed in a large scale. Inaccuracy of detection and inefficiency of deployment are two major causing problems. In this paper, based on the key observation that the distribution of traffic load to a prefix will change unusually after the prefix is hijacked, we present a system LDC to detect BGP prefix hijacking by passively monitoring Load Distribution Change on direct providers of prefix's owner, with the purpose of Leveraging Data-plane information to detect Control-plane problem. Through large amount of simulations of hijacking attacks and AS failure events based on empirical data, we evaluate the accuracy of LDC under different deployment situations, moreover, gain useful insights about choosing detection threshold accordingly.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the 2012 IEEE 26th International Parallel and Distributed Processing Symposium Workshops, IPDPSW 2012 |
| Pages | 1197-1203 |
| Number of pages | 7 |
| DOIs | |
| Publication status | Published - 18 Oct 2012 |
| Event | 2012 IEEE 26th International Parallel and Distributed Processing Symposium Workshops, IPDPSW 2012 - Shanghai, China Duration: 21 May 2012 → 25 May 2012 |
Conference
| Conference | 2012 IEEE 26th International Parallel and Distributed Processing Symposium Workshops, IPDPSW 2012 |
|---|---|
| Country/Territory | China |
| City | Shanghai |
| Period | 21/05/12 → 25/05/12 |
Keywords
- BGP prefix hijacking
- detection
- direct provider
- load distribution
ASJC Scopus subject areas
- Software