IP prefix hijacking is a major threat to the security of the Internet routing system owing to the lack of authoritative prefix ownership information. Despite many efforts to design IP prefix hijack detection schemes, no existing design satisfies all the critical requirements of a truly effective system, i.e. to be real-time, deployable, and robust. In this paper, we present a novel approach that detects IP prefix hijacking in the current Internet environment. The focus of this work is on maintaining the Border Gateway Protocol routing infrastructure and not relying on mutual cooperation to ensure ease of deployment. In addition, we look at fingerprinting two autonomous systems that have the same IP prefix to distinguish hijacking events from legitimate routing updates. This paper proposes a practical and deployable IP prefix hijacking detection algorithm with live hosts on the Internet.

• 出版日期2013-2