The Centre for Advanced Internet Architectures (CAIA) from the Swinburne University of Technology, explored a new technique that quickly detects different BGP anomalies as part of their Internet Operations Research Grant they received from ISIF Asia during 2016 and implemented during 2017.
The Internet’s default inter-domain routing protocol, the Border Gateway Protocol (BGP) is vulnerable to different types of anomalies such as hijacking, misconfiguration, and Denial of Service (DoS) attacks. Although considerable research has been carried out into BGP anomalies, existing approaches were not able to mitigate or identify BGP misconfiguration and lack of ground truth time stamps for BGP events.
In this project, CAIA’s team introduced two new tools, real-time BGP Anomaly Detection Tool (RTBADT) and BGP Replay Tool (BRT), to detect BGP anomalies in real-time. Specifically, RTBADT can be used by ISP operators to monitor and detect BGP anomalies through peering it with the intended peer AS, while BRT is able to replay past BGP updates with time-stamps. These tools enable network operators to protect their network from the worst consequence and mitigate the threats of Internet stability.
Read their technical report to find more about the outcomes of this research project and its contribution to support network operators https://application.isif.asia/theme/default/files/ISIFAsia_2016_Grants_TechReport_SwinburneUni_AU_BGPResearch.pdf