Sciweavers

Share
NETWORKING
2004

On Detection of Anomalous Routing Dynamics in BGP

11 years 8 months ago
On Detection of Anomalous Routing Dynamics in BGP
BGP, the de facto inter-domain routing protocol, is the core component of current Internet infrastructure. BGP traffic deserves thorough exploration, since abnormal BGP routing dynamics could impair global Internet connectivity and stability. In this paper, two methods, signature-based detection and statistics-based detection, are designed and implemented to detect BGP anomalous routing dynamics in BGP UPDATEs. Signature-based detection utilizes a set of fixed patterns to search and identify routing anomalies. For the statistics-based detection, we devise five measures to model BGP UPDATEs traffic. In the training phase, the detector is trained to learn the expected behaviors of BGP from the historical longterm BGP UPDATEs dataset. It then examines the test dataset to detect "anomalies" in the testing phase. An anomaly is flagged when the tested behavior significantly differs from the expected behaviors. We have applied these two approaches to examine the BGP data collected ...
Ke Zhang, Amy Yen, Xiaoliang Zhao, Daniel Massey,
Added 31 Oct 2010
Updated 31 Oct 2010
Type Conference
Year 2004
Where NETWORKING
Authors Ke Zhang, Amy Yen, Xiaoliang Zhao, Daniel Massey, Shyhtsun Felix Wu, Lixia Zhang
Comments (0)
books