On the Effectiveness of BGP Hijackers That Evade Public Route Collectors

Milolidakis, Alexandros; Bühler, Tobias; Wang, Kunyu; Chiesa, Marco; Vanbever, Laurent; Vissicchio, Stefano

doi:10.1109/access.2023.3261128

Cited by 8 publications

(2 citation statements)

References 42 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These hidden AS links not only introduce incompleteness to the Internet's AS-level topology but also pose significant risks to routing security. Milolidakis [8] discovered through research that attackers can exploit these hidden links by intricately designing route announcements to evade the observation of route collectors, thereby executing attacks such as path spoofing [9] and prefix hijacking [10]. Additionally, the business relationship between the two ends of these hidden links remains unclear since the links cannot be observed in BGP routing data.…”

Section: Introductionmentioning

confidence: 99%

Hidden-SAGE: For the Inference of Complex Autonomous System Business Relationships Involving Hidden Links

Gao,

Li,

Xie

2024

Electronics

View full text Add to dashboard Cite

Routing security is a crucial aspect of internet security. The main issues involved in routing security include Border Gateway Protocol (BGP) route leak and prefix hijacking. Currently, numerous solutions have been proposed for these issues, and significant breakthroughs have been achieved. However, these methods focus on visible data on the internet, overlooking the limited coverage of vantage points (VPs). Existing research indicates that attackers can cleverly design route announcements to evade detection by route collectors, thus executing routing attacks. Furthermore, many current methods for detecting route leaks rely on traditional business relationships between Autonomous Systems (AS), but the modeling of traditional AS business relationships is increasingly challenging to comprehensively cover business interactions between ASs. Therefore, we have developed Hidden-SAGE. A framework that extends AS-level internet topology and extracts complex business relationships between ASs from limited routing information. Hidden-SAGE utilizes graph neural networks to discover hidden AS links and employs random forests to infer complex business relationships between links. It successfully reduces visual bias caused by uneven VP distribution and constructs a more comprehensive AS-level internet rich-text topology. Compared to advanced inference algorithms, Hidden-SAGE performs better across various metrics and imposes fewer restrictions on the inference target.

show abstract

Section: Introductionmentioning

confidence: 99%

Hidden-SAGE: For the Inference of Complex Autonomous System Business Relationships Involving Hidden Links

Gao,

Li,

Xie

2024

Electronics

View full text Add to dashboard Cite

show abstract

“…However, given the information-hiding character of BGP, the current collection strategies do not provide comprehensive visibility of the global routing system. Researchers have recently demonstrated how strategically-scoped attacks can evade visibility of current collection systems [12].…”

Section: Introductionmentioning

confidence: 99%

Internet Science Moonshot

Alfroy,

Holterbach,

Krenc

et al. 2023

Proceedings of the 22nd ACM Workshop on Hot Topics in Networks

View full text Add to dashboard Cite

Dramatic growth in Internet connectivity poses a challenge for the resource-constrained data collection e orts that support scienti c and operational analysis of interdomain routing. Inspired by tradeo s made in other disciplines, we explore a fundamental reconceptualization to how we design public BGP data collection architectures: an overshoot-anddiscard approach that can accommodate an order of magnitude increase in vantage points by discarding redundant data shortly after its collection. As de ning redundant depends on the context, we design algorithms that lter redundant updates without optimizing for one objective, and evaluate our approach in terms of detecting two noteworthy phenomena using BGP data: AS-topology mapping and hijacks. Our approach can generalize to other types of Internet data (e.g., traceroute, tra c). We o er this study as a rst step to a potentially new area of Internet measurement research.

show abstract