A study of prefix hijacking and interception in the internet
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
A light-weight distributed scheme for detecting ip prefix hijacks in real-time
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
On the impact of route monitor selection
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Testing the reachability of (new) address space
Proceedings of the 2007 SIGCOMM workshop on Internet network management
Practical defenses against BGP prefix hijacking
CoNEXT '07 Proceedings of the 2007 ACM CoNEXT conference
Ispy: detecting ip prefix hijacking on my own
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Accountable internet protocol (aip)
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Autonomous security for autonomous systems
Computer Networks: The International Journal of Computer and Telecommunications Networking
SEM: A Security Evaluation Model for Inter-domain Routing System in the Internet
IPOM '08 Proceedings of the 8th IEEE international workshop on IP Operations and Management
Cyclops: the AS-level connectivity observatory
ACM SIGCOMM Computer Communication Review
Probabilistic IP prefix authentication (PIPA) for prefix hijacking
CFI '09 Proceedings of the 4th International Conference on Future Internet Technologies
NetReview: detecting when interdomain routing goes wrong
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
Impact of prefix-match changes on IP reachability
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
Internet optometry: assessing the broken glasses in internet reachability
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
Region-based BGP announcement filtering for improved BGP security
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Longitudinal study of BGP monitor session failures
ACM SIGCOMM Computer Communication Review
Analysis of diagnostic capability for hijacked route problem
IPOM'07 Proceedings of the 7th IEEE international conference on IP operations and management
Stealthy IP prefix hijacking: don't bite off more than you can chew
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
IP prefix hijacking detection using idle scan
APNOMS'09 Proceedings of the 12th Asia-Pacific network operations and management conference on Management enabling the future internet for changing business and new computing services
Safeguarding data delivery by decoupling path propagation and adoption
INFOCOM'10 Proceedings of the 29th conference on Information communications
How secure are secure interdomain routing protocols
Proceedings of the ACM SIGCOMM 2010 conference
Locating prefix hijackers using LOCK
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
StrobeLight: lightweight availability mapping and anomaly detection
USENIX'09 Proceedings of the 2009 conference on USENIX Annual technical conference
Robust Decentralized Virtual Coordinate Systems in Adversarial Environments
ACM Transactions on Information and System Security (TISSEC)
iSPY: detecting IP prefix hijacking on my own
IEEE/ACM Transactions on Networking (TON)
Enhancing the trust of internet routing with lightweight route attestation
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Let the market drive deployment: a strategy for transitioning to BGP security
Proceedings of the ACM SIGCOMM 2011 conference
Verifying and enforcing network paths with icing
Proceedings of the Seventh COnference on emerging Networking EXperiments and Technologies
LOT: A Defense Against IP Spoofing and Flooding Attacks
ACM Transactions on Information and System Security (TISSEC)
A cascading failure model for interdomain routing system
International Journal of Communication Systems
VisTracer: a visual analytics tool to investigate routing anomalies in traceroutes
Proceedings of the Ninth International Symposium on Visualization for Cyber Security
Detecting prefix hijackings in the internet with argus
Proceedings of the 2012 ACM conference on Internet measurement conference
Concurrent prefix hijacks: occurrence and impacts
Proceedings of the 2012 ACM conference on Internet measurement conference
Classifying internet one-way traffic
Proceedings of the 2012 ACM conference on Internet measurement conference
How to prevent AS hijacking attacks
Proceedings of the 2012 ACM conference on CoNEXT student workshop
Emulation on the internet prefix hijacking attack impaction
ICT-EurAsia'13 Proceedings of the 2013 international conference on Information and Communication Technology
A forensic case study on as hijacking: the attacker's perspective
ACM SIGCOMM Computer Communication Review
Sign what you really care about - Secure BGP AS-paths efficiently
Computer Networks: The International Journal of Computer and Telecommunications Networking
The BGP monitoring and alarming system to detect and prevent anomaly IP prefix advertisement
Proceedings of the 2013 Research in Adaptive and Convergent Systems
| Hi-index | 0.00 |
In a BGP prefix hijacking event, a router originates a route to a prefix, but does not provide data delivery to the actual prefix. Prefix hijacking events have been widely reported and are a serious problem in the Internet. This paper presents a new Prefix Hijack Alert System (PHAS). PHAS is a real-time notification system that alerts prefix owners when their BGP origin changes. By providing reliable and timely notification of origin AS changes, PHAS allows prefix owners to quickly and easily detect prefix hijacking events and take prompt action to address the problem. We illustrate the effectiveness of PHAS and evaluate its overhead using BGP logs collected from RouteViews. PHAS is light-weight, easy to implement, and readily deployable. In addition to protecting against false BGP origins, the PHAS concept can be extended to detect prefix hijacking events that involve announcing more specific prefixes or modifying the last hop in the path.