Towards real-time route leak events detection

Shen Su, Beichuan Zhang, Lin Ye, Hongli Zhang, Nathan Yee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

3 Scopus citations

Abstract

Malicious attack and misconfiguration can cause unreachable websites, network outages, and other damages. Such incidents are usually observed together with anomalous AS paths which violate a 'valley-free' policy. Existing techniques to infer routing policy cannot satisfy industrial demand of real-time route leak detection because they are very likely to trigger false positives. In this paper, we propose an online detection scheme dedicated to detect route leak AS paths. Based on long-lived routing paths, and route anomalous concurrency, we manage to filter possible false positives in online scenarios. Applying this scheme to Oregon's routing data from 2009 to 2013, we detect 136 route leak events. Our evaluation shows that our scheme triggers no false positives, and most of these events are previously unknown to the research and operation communities at large.

Original languageEnglish (US)
Title of host publicationIEEE International Conference on Communications
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages7192-7197
Number of pages6
Volume2015-September
ISBN (Print)9781467364324
DOIs
Publication statusPublished - Sep 9 2015
EventIEEE International Conference on Communications, ICC 2015 - London, United Kingdom
Duration: Jun 8 2015Jun 12 2015

Other

OtherIEEE International Conference on Communications, ICC 2015
CountryUnited Kingdom
CityLondon
Period6/8/156/12/15

    Fingerprint

ASJC Scopus subject areas

  • Electrical and Electronic Engineering
  • Computer Networks and Communications

Cite this

Su, S., Zhang, B., Ye, L., Zhang, H., & Yee, N. (2015). Towards real-time route leak events detection. In IEEE International Conference on Communications (Vol. 2015-September, pp. 7192-7197). [7249474] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICC.2015.7249474