Evaluation of Prefix Hijacking Impact Based on Hinge-Transmit Property of BGP Routing System

BGP prefix hijacking is a sort of serious security threat of the Internet. In a hijacking attack, the attacker try to convince ASes to become infectors for redirecting data traffic to him in stead of the victim. The more infectors there are, the larger impact an attack has. It is important to understand the root of the matter why the impact of prefix hijacking differs a lot in different attacks. In this paper, by analyzing the BGP routing process under the control of routing polices and evaluating a series of Transmit factors, we realize that BGP routing system has a Hinge-Transmit property. It indicates that Tier-1 AS set is the hinge of the Internet, transmitting a large fraction of data traffic to the whole network; a subset of Tier-1 AS set with a special topological location (core AS set) is the hinge of data delivery paths to a specified destination, transmitting a large fraction of data traffic from any source to the destination. These hinge ASes are critical in transmitting large amount of data traffic in the Internet, and also critical in enlarging the impact of a prefix hijacking attack. From the aspect of Internet security, they should be protected from being infected carefully. Finally, we verify our findings by evaluating impacts of real hijacking incidents occurred in the Internet recorded by Route Views routing tables.