Whom to Convince? It Really Matters in BGP Prefix Hijacking Attack and Defense
BGP prefix hijacking is one serious security threat to the Internet. In a hijacking attack, the attacker tries to convince as many ASes as possible to become infectors for redirecting data traffic to him instead of the victim. It is important to understand why the impact degree of prefix hijacking differs a lot in different attacks. In this paper, we present a trust propagation model to understand how ASes choose and propagate routes in the Internet; define AS Criticality to describe the ability of an AS for transmitting routing information; and evaluate impact of prefix hijacking attacks based on this metric. From the results of a large amount of simulations and analysis of real prefix hijacking incidents that occurred in the Internet, we find that only a few ASes have very high AS Criticality, and numerous ASes have very low Criticality. There is a tight relationship between the impact of attacks and the Criticality of infectors. For prefix hijacking attack, it is impactful to convince the most critical ASes to trust the false route forged by the attacker. And for prefix hijacking defense, it is effective to convince the most critical ASes to stick to the origin route announced by the victim.
KeywordsBGP prefix hijacking Impact evaluation Tier-1 AS AS Criticality
Unable to display preview. Download preview PDF.
- 1.Popescu, A.C., Premore, B.J., Underwood, T.: Anatomy of a leak: AS9121. Renesys Corp. (2004)Google Scholar
- 2.Pakistan hijacks YouTube, http://www.renesys.com/blog/2008/02/pakistan_hijacks_youtube_1.shtml
- 3.Routing Instability. NANOG mail archives, http://www.merit.edu/mail.archives/nanog/2001-04/msg00209.html
- 4.Route Views Project Page, http://www.route-views.org
- 7.Lad, M., Oliveira, R., Zhang, B., Zhang, L.: Understanding resiliency of Internet topology against prefix hijack attacks. In: Proc. of the 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, Edinburgh, Scotland (2007)Google Scholar
- 8.CAIDA AS Relationships, http://www.caida.org/data/active/as-relationships/
- 9.Tier 1 network - Wikipedia entry, 1 network, http://en.wikipedia.org/wiki/Tier
- 10.Goldberg, S., Schapira, M., Hummon, P., Rexford, J.: How Secure are Secure Interdomain Routing Protocols? In: Proc. of ACM SIGCOMM 2010, New Delhi, India (2010)Google Scholar