Advertisement

Whom to Convince? It Really Matters in BGP Prefix Hijacking Attack and Defense

  • Yujing Liu
  • Bin Dai
  • Peidong Zhu
  • Jinshu Su
Part of the Communications in Computer and Information Science book series (CCIS, volume 184)

Abstract

BGP prefix hijacking is one serious security threat to the Internet. In a hijacking attack, the attacker tries to convince as many ASes as possible to become infectors for redirecting data traffic to him instead of the victim. It is important to understand why the impact degree of prefix hijacking differs a lot in different attacks. In this paper, we present a trust propagation model to understand how ASes choose and propagate routes in the Internet; define AS Criticality to describe the ability of an AS for transmitting routing information; and evaluate impact of prefix hijacking attacks based on this metric. From the results of a large amount of simulations and analysis of real prefix hijacking incidents that occurred in the Internet, we find that only a few ASes have very high AS Criticality, and numerous ASes have very low Criticality. There is a tight relationship between the impact of attacks and the Criticality of infectors. For prefix hijacking attack, it is impactful to convince the most critical ASes to trust the false route forged by the attacker. And for prefix hijacking defense, it is effective to convince the most critical ASes to stick to the origin route announced by the victim.

Keywords

BGP prefix hijacking Impact evaluation Tier-1 AS AS Criticality 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Popescu, A.C., Premore, B.J., Underwood, T.: Anatomy of a leak: AS9121. Renesys Corp. (2004)Google Scholar
  2. 2.
  3. 3.
    Routing Instability. NANOG mail archives, http://www.merit.edu/mail.archives/nanog/2001-04/msg00209.html
  4. 4.
    Route Views Project Page, http://www.route-views.org
  5. 5.
    Gao, L.X.: On inferring autonomous system relationships in the Internet. IEEE-ACM Transactions on Networking 9, 733–745 (2001)CrossRefGoogle Scholar
  6. 6.
    Ballani, H., Francis, P., Zhang, X.: A study of prefix hijacking and interception in the Internet. ACM SIGCOMM Computer Communication Review 37, 265–276 (2007)CrossRefGoogle Scholar
  7. 7.
    Lad, M., Oliveira, R., Zhang, B., Zhang, L.: Understanding resiliency of Internet topology against prefix hijack attacks. In: Proc. of the 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, Edinburgh, Scotland (2007)Google Scholar
  8. 8.
  9. 9.
    Tier 1 network - Wikipedia entry, 1 network, http://en.wikipedia.org/wiki/Tier
  10. 10.
    Goldberg, S., Schapira, M., Hummon, P., Rexford, J.: How Secure are Secure Interdomain Routing Protocols? In: Proc. of ACM SIGCOMM 2010, New Delhi, India (2010)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Yujing Liu
    • 1
  • Bin Dai
    • 1
  • Peidong Zhu
    • 1
  • Jinshu Su
    • 1
  1. 1.School of ComputerNational University of Defense TechnologyChangshaChina

Personalised recommendations