An analysis of BGP multiple origin AS (MOAS) conflicts
IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
ACM SIGCOMM Computer Communication Review
PlanetSeer: internet path failure monitoring and characterization in wide-area services
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Accurate Real-time Identification of IP Prefix Hijacking
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
On interdomain routing security and pretty secure BGP (psBGP)
ACM Transactions on Information and System Security (TISSEC)
PHAS: a prefix hijack alert system
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Pretty Good BGP: Improving BGP by Cautiously Adopting Routes
ICNP '06 Proceedings of the Proceedings of the 2006 IEEE International Conference on Network Protocols
Practical defenses against BGP prefix hijacking
CoNEXT '07 Proceedings of the 2007 ACM CoNEXT conference
Ispy: detecting ip prefix hijacking on my own
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Autonomous security for autonomous systems
Computer Networks: The International Journal of Computer and Telecommunications Networking
A Comparative Analysis of BGP Anomaly Detection and Robustness Algorithms
CATCH '09 Proceedings of the 2009 Cybersecurity Applications & Technology Conference for Homeland Security
Secure Border Gateway Protocol (S-BGP)
IEEE Journal on Selected Areas in Communications
Hi-index | 0.00 |
BGP is the most important component of Internet routing and yet it is vulnerable to many threats such as IP prefix hijacking, which has created significant problems over the decade. There have been two approaches to address the IP prefix hijacking issue: anomaly detection-based approach and cryptography-based one. Due to complexity and deployment concern of the latter, there are a lot of solutions that take the former approach. We propose a probabilistic IP prefix authentication (PIPA) scheme that leverages the existing BGP anomaly detection-based solutions as well as public internet registry information. That is, PIPA determines the authenticity of the pair (IP prefix, AS path) in BGP messages by using historical stability of the BGP information and internet registry data. We also discuss how to recover the hijacked IP prefixes in PIPA.