Abstract
Because of BGP’s critical importance as the de-facto Internet inter-domain routing protocol, accurate and quick detection of abnormal BGP routing dynamics is of fundamental importance to internet security where the classes are imbalanced. Alougth there exist many active learning methods, few of them were extended to solve BGP problems. In this paper, avtive learning based on the under-sampling and asymmetric bagging is proposed to classify BGP routing dynamics and detect abnormal data. Under-sampling is used in training neural networks and asymmetric bagging is used to improve the accuracy of the algorithm. Our BGP data is the RIPE archive, which is a huge archive of BGP updates and routing tables that are continuously collected by RIPE monitors around the world. The experimental results suggest that the accuracy of the detection of abnormal BGP routing dynamics is satisfying and applicable to BGP products. We emphasize that this is a promising direction to improve security, availability, reliability and performance of internet security by detecting and preventing abnormal BGP routing dynamics traffic.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Wang, L., Zhao, X., Pei, D., Bush, R., Massey, D., Mankin, A., Wu, S., Zhang, L.: Observation and analysis of BGP behavior under stress. In: Proceedings of Internet Measurement Workshop (November 2002)
Mahajan, R., Wetherall, D., Anderson, T.: Understanding BGP misconfiguration. In: Proceedings of ACM SIGCOMM (August 2002)
Wu, Z., Purpus, E.S., Li, J.: BGP behavior analysis during the August 2003 blackout. In: International Symposium on Integrated Network Management, Extended abstract (2005)
Labovitz, C., Ahuja, A., Bose, A., Jahanian, F.: Delayed Internet Routing Convergence. In: Proceedings of ACM Sigcomm (August 2000)
Labovitz, C., Wattenhofer, R., Venkatachary, S., Ahuja, A.: The Impact of Internet Policy and Topology on Delayed Routing Convergence. In: Proceedings of the IEEE INFOCOM (April 2001)
Griffin, T., Premore, B.: An Experimental Analysis of BGP Convergence Time. In: Proceedings of ICNP (November 2001)
Misel, S.: Wow, AS7007!, http://www.merit.edu/mail.archives/nanog/1997-04/msg00340.html
Lad, M., Zhao, X., Zhang, B., Massey, D., Zhang, L.: An analysis of BGP update surge during Slammer attack. In: Proceedings of the International Workshop on Distributed Computing (IWDC) (2003)
Cowie, J., Ogielski, A., Premore, B., Smith, E., Underwood, T.: Impact of the 2003 blackouts on Internet communications. Technical report, Renesys (November 2003)
Zhou, Z.-H., Liu, X.-Y.: Training Cost-Sensitive Neural Networks with Methods Addressing the Class Imbalance Problem. IEEE Transactions On Knowledge And Data Engineering 18(1), 63–77 (2006)
Rekhter, Y., Li, Y.: A border gateway protocol 4, BGP-4 (1995)
Rekhter, Y., Li, Y.: A border gateway protocol 4 (BGP-4). RFC-1771 (1995)
Cowie, J., Ogielski, A., et al.: Global Routing Instabilities during Code Red II and Nimda Worm Propagation (2001)
Labovitz, C., Ahuja, A., et al.: Delayed Internet routing convergence. ACM SIGCOMM, Stockholm, Sweden (2000)
Chen, E.: Route Refresh Capability for BGP-4. RFC-2918 (2000)
Japkowicz, N.: The class imbalance problem: significance and strategies. In: Proceedings of the 2000 International Conference on Artificial intelligence: Special Track on Inductive Learning, Las Vegas, Nevada, pp.111–117 (2000)
Kang, P., Cho, S.: EUS SVMs: Ensemble of Under-Sampled SVMs for Data Imbalance Problem. In: King, I., Wang, J., Chan, L.-W., Wang, D. (eds.) ICONIP 2006. LNCS, vol. 4232, pp. 837–846. Springer, Heidelberg (2006)
Li, C.: Classifying Imbalanced Data Using a Bagging Ensemble Variation. In: Proseedings of the 45th annual southeast regional conference, pp. 203–208 (2007)
Schapire, R.: The strength of weak learn ability. Machine learning 5(2), 197–227 (1990)
Li, G.-Z., Meng, H.-H., Yang, M.Q., Yang, J.Y.: Asymmetric Bagging and Feature Selection for Activities Prediction of Drug Molecules. In: Proceedings of Second International Multi-symposium on Computer and Computational Sciences (IMSCCS 2007), August 2007, pp. 108–114. Iowa (2007)
Tao, D., Tang, X., Li, X., Wu, X.: Asymmetric bagging and random subspace for support vector machines based relevance feedback in image retrieval. IEEE Transactions on Pattern Analysis and Machine Intelligence 28(7), 1088–1099 (2006)
Baram, Y., EI-Yaniv, R., Luz, K.: Online Choice of Active Learning Algorithms. Journal of Machine Learning Research 5, 255–291 (2004)
Iyengar, V.S.: Chidanand Apte, and Tong Zhang: Active Learning using Adaptive Resampling
Rumelhart, D.E., Hinton, G.E., Williams, R.J.: Learning internal representations by error propagation. In: Rumelhart, D.E., McClelland, J.L. (eds.) Parallel Distributed Processing: Explorations in The Microstructure of Cognition, vol. 1, pp. 318–362. MIT Press, Cambridge (1986)
Li, J., Dou, D., Wu, Z., Kim, S., Agarwal, V.: An Internet Routing Forensics Framework for Discovering Rules of Abnormal BGP Events. ACM SIGCOMM Computer Communication Review 35(5) (October 2005)
Kang, P., Cho, S.: EUS sVMs: Ensemble of under-sampled sVMs for data imbalance problems. In: King, I., Wang, J., Chan, L.-W., Wang, D. (eds.) ICONIP 2006. LNCS, vol. 4232, pp. 837–846. Springer, Heidelberg (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Wu, Q., Feng, Q. (2009). Abnormal BGP Routing Dynamics Detection by Active Learning Using Bagging on Neural Networks. In: Lee, R., Hu, G., Miao, H. (eds) Computer and Information Science 2009. Studies in Computational Intelligence, vol 208. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01209-9_6
Download citation
DOI: https://doi.org/10.1007/978-3-642-01209-9_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-01208-2
Online ISBN: 978-3-642-01209-9
eBook Packages: EngineeringEngineering (R0)