poster

Towards detecting BGP route hijacking using the RPKI

Authors:

Matthias Wählisch,

Olaf Maennel,

Thomas C. SchmidtAuthors Info & Claims

ACM SIGCOMM Computer Communication Review, Volume 42, Issue 4

Pages 103 - 104

https://doi.org/10.1145/2377677.2377702

Published: 13 August 2012 Publication History

Get Access

Abstract

Prefix hijacking has always been a big concern in the Internet. Some events made it into the international world-news, but most of them remain unreported or even unnoticed. The scale of the problem can only be estimated.

The Resource Publication Infrastructure (RPKI) is an effort by the IETF to secure the inter-domain routing system. It includes a formally verifiable way of identifying who owns legitimately which portion of the IP address space. The RPKI has been standardized and prototype implementations are tested by Internet Service Providers (ISPs). Currently the system holds already about 2% of the Internet routing table.

Therefore, in theory, it should be easy to detect hijacking of prefixes within that address space. We take an early look at BGP update data and check those updates against the RPKI---in the same way a router would do, once the system goes operational. We find many interesting dynamics, not all can be easily explained as hijacking, but a significant number are likely operational testing or misconfigurations.

References

[1]

K. Butler, T. R. Farley, P. McDaniel, and J. Rexford, "A Survey of BGP Security Issues and Solutions," Proceedings of the IEEE, vol. 98, no. 1, pp. 100--122, January 2010.

Crossref

Google Scholar

[2]

G. Huston, M. Rossi, and G. Armitage, "Securing BGP - A Literature Survey," Communications Surveys Tutorials, IEEE, vol. 13, no. 2, pp. 199--222, 2011.

Crossref

Google Scholar

[3]

X. Hu and Z. Mao, "Accurate Real-time Identification of IP Prefix Hijacking," in Security and Privacy, 2007. SP '07. IEEE Symposium on, may 2007, pp. 3--17.

Digital Library

Google Scholar

[4]

M. Lepinski and S. Kent, "An Infrastructure to Support Secure Internet Routing," 2012, RFC 6480.

Google Scholar

[5]

"RIPE's Routing Information Service," http://data.ris.ripe.net/.

Google Scholar

[6]

"University of Oregon RouteViews project," http://www.routeviews.org/.

Google Scholar

Cited By

View all

Testart CWolff JGouda DFontugne R(2024)Identifying Current Barriers in RPKI AdoptionSSRN Electronic Journal10.2139/ssrn.4948317Online publication date: 2024
https://doi.org/10.2139/ssrn.4948317
Rodday NCunha ÍBush RKatz-Bassett ERodosek GSchmidt TWählisch M(2023)The Resource Public Key Infrastructure (RPKI): A Survey on Measurements and Future ProspectsIEEE Transactions on Network and Service Management10.1109/TNSM.2023.332745521:2(2353-2373)Online publication date: 25-Oct-2023
https://dl.acm.org/doi/10.1109/TNSM.2023.3327455
Abdoun MGuennoun MAmar ASaad TTaha M(2023)Efficient BGP Intrusion Detection Model Using Machine Learning: A Comparative Study with AdaBoost as the Optimal Classifier2023 IEEE Canadian Conference on Electrical and Computer Engineering (CCECE)10.1109/CCECE58730.2023.10288818(399-404)Online publication date: 24-Sep-2023
https://doi.org/10.1109/CCECE58730.2023.10288818
Show More Cited By

Index Terms

Towards detecting BGP route hijacking using the RPKI
1. Networks
  1. Network protocols
    1. Network layer protocols
      1. Routing protocols

Recommendations

RiPKI: The Tragic Story of RPKI Deployment in the Web Ecosystem
HotNets-XIV: Proceedings of the 14th ACM Workshop on Hot Topics in Networks

Web content delivery is one of the most important services on the Internet. Access to websites is typically secured via TLS. However, this security model does not account for prefix hijacking on the network layer, which may lead to traffic blackholing ...
Towards a Rigorous Methodology for Measuring Adoption of RPKI Route Validation and Filtering

A proposal to improve routing security---Route Origin Authorization (ROA)---has been standardized. A ROA specifies which network is allowed to announce a set of Internet destinations. While some networks now specify ROAs, little is known about whether ...
Towards detecting BGP route hijacking using the RPKI
SIGCOMM '12: Proceedings of the ACM SIGCOMM 2012 conference on Applications, technologies, architectures, and protocols for computer communication

Prefix hijacking has always been a big concern in the Internet. Some events made it into the international world-news, but most of them remain unreported or even unnoticed. The scale of the problem can only be estimated.

The Resource Publication ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM SIGCOMM Computer Communication Review

ACM SIGCOMM Computer Communication Review Volume 42, Issue 4

Special october issue SIGCOMM '12

October 2012

538 pages

ISSN:0146-4833

DOI:10.1145/2377677

Issue’s Table of Contents

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 13 August 2012

Published in SIGCOMM-CCR Volume 42, Issue 4

Check for updates

Author Tags

Qualifiers

Poster

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

23
Total Citations
View Citations
547
Total Downloads

Downloads (Last 12 months)63
Downloads (Last 6 weeks)8

Reflects downloads up to 07 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Testart CWolff JGouda DFontugne R(2024)Identifying Current Barriers in RPKI AdoptionSSRN Electronic Journal10.2139/ssrn.4948317Online publication date: 2024
https://doi.org/10.2139/ssrn.4948317
Rodday NCunha ÍBush RKatz-Bassett ERodosek GSchmidt TWählisch M(2023)The Resource Public Key Infrastructure (RPKI): A Survey on Measurements and Future ProspectsIEEE Transactions on Network and Service Management10.1109/TNSM.2023.332745521:2(2353-2373)Online publication date: 25-Oct-2023
https://dl.acm.org/doi/10.1109/TNSM.2023.3327455
Abdoun MGuennoun MAmar ASaad TTaha M(2023)Efficient BGP Intrusion Detection Model Using Machine Learning: A Comparative Study with AdaBoost as the Optimal Classifier2023 IEEE Canadian Conference on Electrical and Computer Engineering (CCECE)10.1109/CCECE58730.2023.10288818(399-404)Online publication date: 24-Sep-2023
https://doi.org/10.1109/CCECE58730.2023.10288818
Wu YWang YDeJulius JAbboud RWoitel MOsadchyy BRichardson K(2023)Comp-RPKI: A Decentralized Protocol for Full Route Origin Validation2023 9th International Conference on Big Data Computing and Communications (BigCom)10.1109/BIGCOM61073.2023.00048(301-308)Online publication date: 4-Aug-2023
https://doi.org/10.1109/BIGCOM61073.2023.00048
Chowdhary HChaudhary N(2023)MANRS Statistical analysis and adoption in india as a collaborative security toolJournal of Cyber Security Technology10.1080/23742917.2023.21755277:4(181-198)Online publication date: 2-Mar-2023
https://doi.org/10.1080/23742917.2023.2175527
Oliver LAkiwate GLuckie MDu Bclaffy kBarakat CPelsser CBenson TChoffnes D(2022)Stop, DROP, and ROAProceedings of the 22nd ACM Internet Measurement Conference10.1145/3517745.3561454(730-737)Online publication date: 25-Oct-2022
https://dl.acm.org/doi/10.1145/3517745.3561454
Li YZou HChen YXu YMa ZMa DHu YXie G(2022)The Hanging ROA: A Secure and Scalable Encoding Scheme for Route Origin AuthorizationIEEE INFOCOM 2022 - IEEE Conference on Computer Communications10.1109/INFOCOM48880.2022.9796844(21-30)Online publication date: 2-May-2022
https://dl.acm.org/doi/10.1109/INFOCOM48880.2022.9796844
Kristoff JBush RKanich CMichaelson GPhokeer ASchmidt TWählisch M(2020)On Measuring RPKI Relying PartiesProceedings of the ACM Internet Measurement Conference10.1145/3419394.3423622(484-491)Online publication date: 27-Oct-2020
https://dl.acm.org/doi/10.1145/3419394.3423622
Liu SYang FLi DBagnulo MLiu BHuang X(2020)The Trusted and Decentralized Network Resource Management2020 29th International Conference on Computer Communications and Networks (ICCCN)10.1109/ICCCN49398.2020.9209590(1-7)Online publication date: Aug-2020
https://doi.org/10.1109/ICCCN49398.2020.9209590
Sarma RBarbhuiya F(2019)Internet of Things: Attacks and Defences2019 7th International Conference on Smart Computing & Communications (ICSCC)10.1109/ICSCC.2019.8843649(1-5)Online publication date: Jun-2019
https://doi.org/10.1109/ICSCC.2019.8843649
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

RiPKI: The Tragic Story of RPKI Deployment in the Web Ecosystem

Towards a Rigorous Methodology for Measuring Adoption of RPKI Route Validation and Filtering

Towards detecting BGP route hijacking using the RPKI