Classification of BGP anomalies using decision trees and fuzzy rough sets

Li, Yan; Xing, Hong-Jie; Hua, Qiang; Wang, Xizhao; Batta, Prerna; Haeri, Soroush; Trajković, Ljiljana

doi:10.1109/smc.2014.6974096

Cited by 30 publications

(9 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Machine learning techniques have been recently employed in designing BGP anomaly detection systems [5]- [7]. In this paper, we use Naïve Bayes (NB), Decision Tree (J48), and SVM Radial Basis Function (RBF) kernel classifiers implemented in Weka (v. 3.7.11) and test their ability to reliably detect network anomalies.…”

Section: Introductionmentioning

confidence: 99%

Performance evaluation of BGP anomaly classifiers

Ćosović

Obradović

Trajković

2015

2015 Third International Conference on Digital Information, Networking, and Wireless Communications (DINWC)

Self Cite

View full text Add to dashboard Cite

Abstract-Changes in the network topology such as large-scale power outages or Internet worm attacks are events that may induce routing information updates. Border Gateway Protocol (BGP) is by Autonomous Systems (ASes) to address these changes. Network reachability information, contained in BGP update messages, is stored in the Routing Information Base (RIB). Recent BGP anomaly detection systems employ machine learning techniques to mine network data. In this paper, we evaluated performance of several machine learning algorithms for detecting Internet anomalies using RIB. Naive Bayes (NB), Support Vector Machine (SVM), and Decision Tree (J48) classifiers are employed to detect network traffic anomalies. We evaluated feature discretization and feature selection using three data sets of known Internet anomalies.

show abstract

Section: Introductionmentioning

confidence: 99%

Performance evaluation of BGP anomaly classifiers

Ćosović

Obradović

Trajković

2015

2015 Third International Conference on Digital Information, Networking, and Wireless Communications (DINWC)

Self Cite

View full text Add to dashboard Cite

show abstract

“…Li et al used the fuzzy rough sets approach for feature selection and reduction then trained decision tree and Effective Learning Machine (ELM) Algorithm to detect anomalies. By doing this, 92% accuracy with decision trees and 84.59% with ELM was achieved [14].…”

Section: Literature Reviewmentioning

confidence: 99%

BGP Anomaly Detection using Decision Tree Based Machine Learning Classifiers

Bhatnagar¹,

Majumdar²,

Shukla*³

2019

IJITEE

View full text Add to dashboard Cite

Abstract: Border Gateway Protocol (BGP) is utilized to send and receive data packets over the internet. Over the years, this protocol has suffered from some massive hits, caused by worms, such as Nimda, Slammer, Code Red etc., hardware failures, and/or prefix hijacking. This caused obstruction of services to many. However, Identification of anomalous messages traversing over BGP allows discovering of such attacks in time. In this paper, a Machine Learning approach has been applied to identify such BGP messages. Principal Component Analysis technique was applied for reducing dimensionality up to 2 components, followed by generation of Decision Tree, Random Forest, AdaBoost and GradientBoosting classifiers. On fine tuning the parameters, the random forest classifier generated an accuracy of 97.84%, the decision tree classifier followed closely with an accuracy of 97.38%. The GradientBoosting Classifier gave an accuracy of 95.41% and the AdaBoost Classifier gave an accuracy of 94.43%.

show abstract

“…Malicious actors have the potential to influence BGP to deny service, sniff communications, reroute traffic to malicious networks, and create network instabilities (Meinel, 2008). Abnormal routing behaviour can disrupt global or local bound Internet connectivity and stability (Li et al, 2014;Murphy, 2006).…”

Section: Border Gateway Protocolmentioning

confidence: 99%