Analysis of IP Prefix Hijacking and Traffic Interception
Authors
Abstract
In the Internet, BGP is the de facto inter-domain routing protocol, and it is vulnerable to a number of damaging attacks. Among these attacks, IP prefix hijacking and traffic interception are regarded as serious threats. There have been many incidents of IP prefix hijacking in the Internet. The hijacking AS can blackhole the hijacked traffic, which introduces a network unreachability problem. Alternatively, it can transparently intercept the hijacked traffic by forwarding it on to the owner. Although there is no reported incident of traffic interception yet, it cannot be said that no such attack has occurred in the Internet, because traffic interception does not introduce any network unreachability problem and is transparent to the victim. Many ideas have been presented to try to detect or prevent prefix hijacking. However, there has not been enough analysis of either area. This paper analyzes IP prefix hijacking and traffic interception as a stepping-stone towards solving these two threats. In this paper, we survey IP prefix hijacking incidents and present an analysis of IP prefix hijacking and traffic interception.
Similar resources
A Scheme for Securing Traffic Transport among Autonomous Systems
By using existing mechanisms, especially for SBGP, IP prefix hijacking and AS-PATH tampering can be prevented despite some unsatisfied inherent factors. However, except IP prefix hijacking and AS-PATH tampering, there are some other traffic attraction attacks, which are currently not considered and prevented in existing mechanisms. Attracting more by announcing long paths, which is typical one ...
A Forensic Case Study on AS Hijacking
The Border Gateway Protocol (BGP) was designed without security in mind. Until today, this fact makes the Internet vulnerable to hijacking attacks that intercept or blackhole Internet traffic. So far, significant effort has been put into the detection of IP prefix hijacking, while AS hijacking has received little attention. AS hijacking is more sophisticated than IP prefix hijacking, and is aim...
IP Prefix Hijacking Detection Using Idle Scan
The Internet is comprised of a lot of interconnected networks communicating reachability information using BGP. Due to the design based on trust between networks, IP prefix hijacking can occur, which is caused by wrong routing information. This results in a serious security threat in the Internet routing system. In this paper, we present an effective and practical approach for detecting IP pre...
Understanding IP Prefix Hijacking and its Detection
Since IP Prefix Hijacking is a major threat for every Autonomous System in the Internet, this paper tries to give an understanding of IP prefix hijacking and some of its detection methods. This may raise attention and awareness for that topic among the readers. If a malicious attacker would hijack an IP and use it for committing serious crimes, the original owner of the IP address would eventu...
Characterizing Large-Scale Routing Anomalies: A Case Study of the China Telecom Incident
China Telecom’s hijack of approximately 50,000 IP prefixes in April 2010 highlights the potential for traffic interception on the Internet. Indeed, the sensitive nature of the hijacked prefixes, including US government agencies, garnered a great deal of attention and highlights the importance of being able to characterize such incidents after they occur. We use the China Telecom incident as a c...