TY - GEN
T1 - Leak-Detector
T2 - 10th IEEE International Conference on Dependability in Sensor, Cloud and Big Data Systems and Applications, DependSys 2024
AU - Gao, Haoyang
AU - Li, Ning
AU - Xie, Yuancheng
N1 - Publisher Copyright: © 2024 IEEE.
PY - 2024
Y1 - 2024
N2 - BGP route leak represents a significant vulnerability in BGP security. The occurrence of BGP route leak can lead to increased internet latency and diminished service quality in less severe cases, and in more severe instances, it can result in large-scale regional outages or substantial traffic redirection, causing considerable financial losses to network operators and users. Thus, the ability to accurately and promptly identify route leak is of paramount importance for maintaining internet security. Current route leak detection methods typically involve a trade-off between accuracy and real-time performance, making it challenging to achieve both simultaneously. To address this issue, this paper proposes the Leak-Detector framework, which synthesizes the strengths of existing advanced methodologies. By integrating AS hegemony indicators with machine learning models, Leak-Detector provides accurate and real-time detection of route leak incidents, and it can precisely report both the suspects and the timing of the leak. Application of Leak-Detector to real-world route leak detection demonstrates that it achieves an accuracy of 85%, recall of 84%, and F1 score of 83%, with minimal detection latency. Furthermore, it accurately identifies most route leak suspects and their occurrence times.
KW - AS Hegemony
KW - BGP route leak
KW - Internet security
KW - Xgboost
KW - machine learning
UR - https://www.scopus.com/pages/publications/105002123176
U2 - 10.1109/DependSys64276.2024.00011
DO - 10.1109/DependSys64276.2024.00011
M3 - Conference contribution
AN - SCOPUS:105002123176
T3 - Proceedings - 2024 IEEE International Conference on Dependability in Sensor, Cloud and Big Data Systems and Applications, DependSys 2024
SP - 1
EP - 6
BT - Proceedings - 2024 IEEE International Conference on Dependability in Sensor, Cloud and Big Data Systems and Applications, DependSys 2024
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 13 December 2024 through 15 December 2024
ER -