Proceedings Article, DOI: 10.1109/ccece58730.2023.10288818
Efficient BGP Intrusion Detection Model Using Machine Learning: A Comparative Study with AdaBoost as the Optimal Classifier
Manaf Abdoun,Mouhcine Guennoun,Amine Amar,Tarek Saad,Mostafa Taha +4 more
- 24 Sep 2023
pp 399-404
TL;DR: An evaluation of multiple machine learning models for detecting BGP anomalies, with a comprehensive analysis of their effectiveness, reveals that AdaBoost achieves an impressive accuracy of 97.22%, making it the optimal choice for BGP anomaly detection.
Abstract: The Border Gateway Protocol (BGP) is a crucial component of the Internet's infrastructure that enables the exchange of routing information among multiple Autonomous Systems so data flow from one network to another becomes possible. However, rare anomalies in BGP, such as IP prefix hijacks, misconfigurations, and worm attacks, when they occur, can cause significant disruptions to the network and threaten the stability and reliability of the Internet. Considerable efforts have been made to understand the nature of normal and abnormal BGP updates to identify and mitigate their disruptive consequences. Recent studies in the literature suggest that machine learning (ML) techniques can achieve a high level of accuracy and robustness in anomaly detection. To fully leverage the advantages of ML techniques, it is necessary to pre-process the data and choose a suitable model that helps identify and mitigate against any such BGP anomalies and improve the stability and reliability of the Internet. This paper evaluates multiple machine learning models for detecting BGP anomalies and comprehensively analyzes their effectiveness. Results reveal that AdaBoost achieves an impressive accuracy of 97.22%, making it the optimal choice for BGP anomaly detection.
Citations
A Survey of Advanced Border Gateway Protocol Attack Detection Techniques
TL;DR: This survey evaluates 178 BGP anomaly detection techniques, identifying candidates for advanced attack detection, and proposes a lightweight, rapid approach to quantify group-level interactions, dynamics, and information to counter complex BGP attacks.
References
A Survey of BGP Security Issues and Solutions
Kevin R. B. Butler,T.R. Farley,Patrick McDaniel,Jennifer Rexford +3 more
- 01 Jan 2010
TL;DR: This paper considers the current vulnerabilities of the interdomain routing system and surveys both research and standardization efforts relating to BGP security, exploring the limitations and advantages of proposed security extensions to BGP, and explaining why no solution has yet struck an adequate balance between comprehensive security and deployment cost.
A study of prefix hijacking and interception in the internet
Hitesh Ballani,Paul Francis,Xinyang Zhang +2 more
- 27 Aug 2007
TL;DR: The authors' hijacking estimates are in line with the impact of past hijacking incidents and show that ASes higher up in the routing hierarchy can hijack a significant amount of traffic to any prefix, including popular prefixes.
Logistic regression model training based on the approximate homomorphic encryption.
TL;DR: Cheon et al. applied the homomorphic encryption scheme for efficient arithmetic over real numbers, and devised a new encoding method to reduce storage of the encrypted database, which was selected as the best solution of Track 3 at the iDASH privacy and security competition 2017.
BGP hijacking classification
Shinyoung Cho,Romain Fontugne,Kenjiro Cho,Alberto Dainotti,Phillipa Gill +4 more
- 19 Jun 2019
TL;DR: This paper classifies detected hijack events in order to document BGP detectors' output and understand the nature of reported events, and introduces four categories of BGP hijack: typos, prepending mistakes, origin changes, and forged AS paths.
Detecting BGP anomalies using machine learning techniques
Qingye Ding,Zhida Li,Prerna Batta,Ljiljana Trajkovic +3 more
- 01 Oct 2016
TL;DR: The minimum Redundancy Maximum Relevance (mRMR) feature selection algorithms are employed to extract the most relevant features used for classifying BGP anomalies, and the Support Vector Machine (SVM) and Long Short-Term Memory (LSTM) algorithms are applied for data classification.