Accurate real-time identification of IP prefix hijacking

Proceedings - IEEE Symposium on Security and Privacy

Volumn , Issue , 2007, Pages 3-17

  Hu, Xin ^a   Mao, Z Morley ^a  

^a UNIVERSITY OF MICHIGAN   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

NETWORK SECURITY; REAL TIME SYSTEMS; ROUTING PROTOCOLS; TELECOMMUNICATION SERVICES;

ANOMALY DETECTION; FINGERPRINTING; PREFIX HIJACKING;

INTERNET PROTOCOLS;

EID: 34548704917     PISSN: 10816011     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SP.2007.7     Document Type: Conference Paper

References (52)

1. PlanetLab. http://www.planet-lab.org/.
2. University of Oregon Route Views Archive Project, http://www.routeviews. org.
3. J. Abley. Hierarchical Anycast for Global Service Distribution. ISCs Technical Note, 2003.
4. W. Aiello, J. Ioannidis, and P. McDaniel. Origin Authentication in Interdomain Routing. In Proc. CCS, 2003.
5. A. Barbir, S. Murphy, and Y. Yang. Generic Threats to Routing Protocols. IETF Draft: draft-ietf-rpsec-routing-threats-07, April 2004.
6. S. Bellovin, R. Bush, T. G. Griffin, and J. Rexford. Slowing routing table growth by filtering based on address allocation policies. 2001.
7. S. M. Bellovin. A Technique for Counting NATted Hosts. In Proc. Second Internet Measurement Workshop, November 2002.
8. S. M. Bellovin, J. Ioannidis, and R. Bush. Position Paper: Operational Requirements for Secured BGP. In DHS Secure Routing Workshop, March 2005.
9. V. J. Bono. 7007 Explanation and Apology. NANOG email on Apr 26, 1997.
10. P. Boothe, J. Hiebert, and R. Bush. How Prevalent is Prefix Hijacking on the Internet. NANOG36 Talk, February 2006.
11. K. Butler, T. Farley, P. McDaniel, and J. Rexfod. A Survey of BGP Security Issues and Solutions. Technical Report TD-5UGJ33, AT&T Labs - Research, 2004.
12. Caida. NetGeo - The Internet Geographic Database.
13. B. Christian and T. Tauber. BGP Security Requirements. IETF Draft: draft-ietf-rpsec-bgpsecrec-04, March 2006.
14. M. Freedman, M. Vutukuru, N. Feamster, and H. Balakrishnan. Geographic Locality of IP Prefixes. In Internet Measurement Conference, October 2005.
15. Fyodor. Idle Scanning and related IPID games, http://www.insecure.org/ nmap/idlescan.html.
16. Fyodor. Remote OS detection via TCP/IP Stack Fingerprinting, http://www.insecure.org/nmap/nmap-fingerprinting-article.html, 2002.
17. Fyodor. Nmap free security scanner, http://www.insecure.org/nmap/, 2006.
18. L. Gao. On Inferring Autonomous System Relationships in the Internet. In Proc. IEEE Global Internet Symposium, 2000.
19. R. Gerdes, T. Daniels, M. Mina, and S. Russell. Device Identification via Analog Signal Fingerprinting: A Matched Filter Approach. In Proc. NDSS, 2006.
20. G. Goodell, W. Aiello, T. Griffin, J. Ioannidis, P. McDaniel, and A. Rubin. Working Around BGP: An Incremental Approach to Improving Security and Accuracy of Interdomain Routing. In Proc. NDSS, February 2003.
21. S. Halabi and D. McPherson. Internet Routing Architectures. Cisco Press, Indianapolis, Indiana, second edition, 2000.
22. T. Hardy. RFC 3258 - Distributing Authoritative Name Servers via Shared Unicast Addresses. RFC 3258, April 2002.
23. J. Hawkinson and T. Bates. Guidelines for creation, selection, and registation of an Autonomous System(AS). RFC 1930, 1996.
24. N. Hu and P. Steenkiste. Evaluation and characterization of available bandwidth probing techniques. IEEE JSAC Special Issue in Internet and WWW Measurement, Mapping, 2003.
25. X. Hu and Z. M. Mao. Accurate Real-time Identification of IP Hijacking. Technical Report CSE-TR-516-06, University of Michigan, June 2006.
26. G. Huston. Auto-Detecting Address Hijacking? Presentation at RIPE-50, May 2005.
27. C. Hutzler and R. da Silva. The Relationship Between Network Security and Spam. NANOG 29 Meeting, October 2003.
28. J. W. S. III. BGP4 Inter-Domain Routing in the Internet. Addison-Wesley, 1999.
29. V. Jacobson, R. Braden, and D. Borman. TCP Extensions for High Performance. RFC 1323, May 1992.
30. D. Karrenberg. Distributing K-Root Service by Anycast Routing of 193.0.14.129. RIPE 268, 2003.
31. T. Kohno, A. Broido, and K. C. Claffy. Remote Physical Device Fingerprinting. In Proc. the 2005 IEEE Symposium on Security and Privacy, 2005.
32. C. Kruegel, D. Mutz, W. Robertson, and F. Valeur. Topology-Based Detection of Anomalous BGP Messages. In Proc. Recent Advances in Intrusion Detection: 6th International Symposium, RAID, 2003.
33. M. Lad, D. Massey, D. Pei, Y. Wu, B. Zhang, and L. Zhang. PHAS: a Prefix Hijack Alerting System. In Proc. USENIX Security, August 2006.
34. B. A. Mah. pchar: A Tool for Measuring Internet Path Characteristics, http://www.kitchenlab.org/www/bmah/Software/pchar/.
35. Z. M. Mao, D. Johnson, J. Rexford, J. Wang, and R. Katz. Scalable and Accurate Identification of AS-Level Forwarding Paths. In Proc. IEEE INFOCOM, March 2004.
36. J. Ng. Extensions to BGP to Support Secure Origin BGP (soBGP). IETF Draft: draft-ng-sobgp-bgp-extensions-01.txt, November 2002.
37. V. N.Padmanabhan and L. Subramanian. An Investigation of Geographic Mapping Techniques for Internet Hosts. In Proc. ACM SIGCOMM, 2001.
38. C. Partridge, T. Mendez, and W. Milliken. Host Anycasting Service. RFC 1546, 1993.
39. S. Qiu, F. Monrose, A. Terzis, and P. McDaniel. Efficient Techniques for Detecting False Origin Advertisements in Inter-domain Routing. In Proc. Workshop on Secure Network Protocols, 2006.
40. A. Ramachandran and N. Feamster. Understanding the Network-Level Behavior of Spammers. In Proc. ACM SIGCOMM, 2006.
41. Y. Rekhter and T. Li. A Border Gateway Protocol. RFC 1771, March 1995.
42. V. Ribeiro, R. Riedi, R. Baraniuk, J. Navratil, and L. Cottrell. PathChirp: Efficient Available Bandwidth Estimation for Network Paths. In Passive and Active Measurement Workshop, La Jolla, CA, April 2003.
43. Salvatore Sanfilippo. Hping. http://www.hping.org/, 2006.
44. N. Spring, D. Wetherall, and T. Anderson. Scriptroute: A Public Internet Measurement Facility. In Proc. 4th USENIX Symposium on Internet Technologies and Systems, 2002.
45. Stephen Kent and Charles Lynn and Karen Seo. Secure Border Gateway Protocol (Secure-BGP). IEEE J. Selected Areas in Communications, 2000.
46. L. Subramanian, V. Roth, I. Stoica, S. Shenker, and R. H. Katz. Listen and Whisper: Security Mechanisms for BGP. In Proc. first Symposium on Networked Systems Design and Implementation (NSDI), 2004.
47. T. Wan, E. Kranakis, and P. van Oorschot. Pretty Secure BGP (psBGP). In Proc. NDSS, 2005.
48. L. Wang, X. Zhao, D. Pei, R. Bush, D. Massey, A. Mankin, S. F. Wu, and L. Zhang. Protecting BGP Routesto Top Level DNS Servers. In Proc. IEEE International Conference on DistributedComputing Systems (ICDCS), 2003.
49. F. Yarochkin, M. Kydyraliev, and O. Arkin. Xprobe2, 2006.
50. M. Zhao, S. Smith, and D. Nicol. Aggregated Path Authentication for Efficient BGP Security. In Proc. CCS, 2005.
51. X. Zhao, D. Pei, L. Wang, D. Massey, A. Mankin, S. F. Wu, and L. Zhang. An Analysis of BGP Multiple Origin AS (MOAS) Conflicts. In Proc. ACM SIGCOMM Internet Measurement Workshop, November 2001.
52. X. Zhao, D. Pei, L. Wang, D. Massey, A. Mankin, S. F. Wu, and L. Zhang. Detection of Invalid Routing Announcement in the Internet. In Proc. DSN, 2002.