On the Effectiveness of BGP Hijackers That Evade Public Route Collectors

OPEN ACCESS

Downloads

Full text (published version) (PDF, 3.65 MB)

Author / Producer

Milolidakis, Alexandros Bühler, Tobias Wang, Kunyu

Date

2023

Publication Type

Journal Article

ETH Bibliography

yes

Citations

Altmetric
OPEN ACCESS

Downloads

Full text (published version) (PDF, 3.65 MB)

Data

Rights / License

Creative Commons Attribution 4.0 International north_east

Abstract

Routing hijack attacks have plagued the Internet for decades. After many failed mitigation attempts, recent Internet-wide BGP monitoring infrastructures relying on distributed route collection systems, called route collectors, give us hope that future monitor systems can quickly detect and ultimately mitigate hijacks. In this paper, we investigate the effectiveness of public route collectors with respect to future attackers deliberately engineering longer hijacks to avoid being recorded by route collectors. Our extensive simulations (and attacks we device) show that monitor-based systems may be unable to observe many carefully crafted hijacks diverting traffic from thousands of ASes. Hijackers could predict whether their attacks would propagate to some BGP feeders (i.e., monitors) of public route collectors. Then, manipulate BGP route propagation so that the attack never reaches those monitors. This observation remains true when considering plausible future Internet topologies, with more IXP links and up to 4 times more monitors peering with route collectors. We then evaluate the feasibility of performing hijacks not observed by route collectors in the real-world. We experiment with two classifiers to predict the monitors that are dangerous to report the attack to route collectors, one based on monitor proximities (i.e., shortest path lengths) and another based on Gao-Rexford routing policies. We show that a proximity-based classifier could be sufficient for the hijacker to identify all dangerous monitors for hijacks announced to peer-to-peer neighbors. For hijacks announced to transit networks, a Gao-Rexford classifier reduces wrong inferences by $\ge 91\%$ without introducing new misclassifications for existing dangerous monitors.

Permanent link

https://doi.org/10.3929/ethz-b-000610074

Publication status

published

External links

https://doi.org/10.1109/ACCESS.2023.3261128 north_east

Editor

Book title

Journal / series

Volume

11

Pages / Article No.

31092 - 31124

Publisher

IEEE

Event

Edition / version

Methods

Software

Geographic location

Date collected

Date created

Subject

BGP; BGP hijacking; stealthy IP prefix hijacking; inter-domain routing; routing policies; route collectors; forged AS path; BGP monitoring; BGPStream

Organisational unit

09477 - Vanbever, Laurent / Vanbever, Laurent check_circle

Notes

Funding

Related publications and datasets

More

Show all metadata