Online detection of concurrent prefix hijacks

Shen Su, Beichuan Zhang, Binxing Fang

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Scopus citations

Abstract

Prefix hijacking is a major security threat to the global Internet routing system. Concurrent prefix hijack detection has been proven to be an effective method to defend routing security. However, the existing concurrent prefix hijack detection scheme considers no prefix ownership changes, and online concurrent prefix hijack detection endures seriously false positive. In this paper, we study the possible characters to filter out false positive events generated online by machine learning, and apply such characters in the online detection. Our result shows that our refined online concurrent prefix hijack detection can detect all offline detected events with no false positive. We also confirm that (1) neighboring ASes seldom hijack each other’s prefixes; (2) large ISPs seldom suffer from prefix hijacks or conduct hijacks.

Original languageEnglish (US)
Title of host publicationInternational Conference on Security and Privacy in Communication Networks - 10th International ICST Conference, SecureComm 2014, Revised Selected Papers
EditorsMudhakar Srivatsa, Jing Tian, Jiwu Jing
PublisherSpringer-Verlag
Pages69-83
Number of pages15
ISBN (Print)9783319238012
DOIs
StatePublished - 2015
Event10th International Conference on Security and Privacy in Communication Networks, SecureComm 2014 - Beijing, China
Duration: Sep 24 2014Sep 26 2014

Publication series

NameLecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST
Volume153
ISSN (Print)1867-8211

Other

Other10th International Conference on Security and Privacy in Communication Networks, SecureComm 2014
CountryChina
CityBeijing
Period9/24/149/26/14

Keywords

  • False positive
  • Online detection
  • Prefix hijack

ASJC Scopus subject areas

  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Online detection of concurrent prefix hijacks'. Together they form a unique fingerprint.

Cite this