Visual analytics for BGP monitoring and prefix hijacking identification

Vorschaubild
Dateien
Zu diesem Dokument gibt es keine Dateien.
Datum
2012
Autor:innen
Biersack, Ernst
Jacquemart, Quentin
Thonnard, Olivier
Theodoridis, Georgios
Tzovaras, Dimitrios
Vervier, Pierre-Antoine
Herausgeber:innen
Kontakt
ISSN der Zeitschrift
Electronic ISSN
ISBN
Bibliografische Daten
Verlag
Schriftenreihe
Auflagebezeichnung
URI (zitierfähiger Link)
http://nbn-resolving.de/urn:nbn:de:bsz:352-225199
DOI (zitierfähiger Link)
https://doi.org/10.1109/MNET.2012.6375891
ArXiv-ID
Internationale Patentnummer
EU-Projektnummer
DFG-Projektnummer
Projekt
Open Access-Veröffentlichung
Sammlungen
Informatik und Informationswissenschaft
Gesperrt bis
Titel in einer weiteren Sprache
Forschungsvorhaben
Organisationseinheiten
Zeitschriftenheft
Publikationstyp
Zeitschriftenartikel
Publikationsstatus
unikn.publication.listelement.citation.prefix.version.undefined
IEEE Network. 2012, 26(6), pp. 33-39. ISSN 0890-8044. Available under: doi: 10.1109/MNET.2012.6375891
Zusammenfassung

The control plane of the Internet relies entirely on BGP as the interdomain routing protocol to maintain and exchange routing information between large network providers and their customers. However, an intrinsic vulnerability of the protocol is its inability to validate the integrity and correctness of routing information exchanged between peer routers. As a result, it is relatively easy for people with malicious intent to steal legitimate IP blocks through an attack known as prefix hijacking, which essentially consists of injecting bogus routing information into the system to redirect or subvert network traffic. In this article, we give a short survey of visualization methods that have been developed for BGP monitoring, in particular for the identification of prefix hijacks. Our goal is to illustrate how network visualization has the potential to assist an analyst in detecting abnormal routing patterns in massive amounts of BGP data. Finally, we present an analysis of a real validated case of prefix hijacking, which took place between April and August 2011. We use this hijack case study to illustrate the ongoing work carried out in VIS-SENSE, a European research project that leverages visual analytics to develop more effective tools for BGP monitoring and prefix hijack detection.

Zusammenfassung in einer weiteren Sprache
Fachgebiet (DDC)
004 Informatik
Schlagwörter
Konferenz
Rezension
undefined / . - undefined, undefined
Zitieren
ISO 690BIERSACK, Ernst, Quentin JACQUEMART, Fabian FISCHER, Johannes FUCHS, Olivier THONNARD, Georgios THEODORIDIS, Dimitrios TZOVARAS, Pierre-Antoine VERVIER, 2012. Visual analytics for BGP monitoring and prefix hijacking identification. In: IEEE Network. 2012, 26(6), pp. 33-39. ISSN 0890-8044. Available under: doi: 10.1109/MNET.2012.6375891
BibTex
@article{Biersack2012Visua-22519,
  year={2012},
  doi={10.1109/MNET.2012.6375891},
  title={Visual analytics for BGP monitoring and prefix hijacking identification},
  number={6},
  volume={26},
  issn={0890-8044},
  journal={IEEE Network},
  pages={33--39},
  author={Biersack, Ernst and Jacquemart, Quentin and Fischer, Fabian and Fuchs, Johannes and Thonnard, Olivier and Theodoridis, Georgios and Tzovaras, Dimitrios and Vervier, Pierre-Antoine}
}
RDF
<rdf:RDF
    xmlns:dcterms="http://purl.org/dc/terms/"
    xmlns:dc="http://purl.org/dc/elements/1.1/"
    xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
    xmlns:bibo="http://purl.org/ontology/bibo/"
    xmlns:dspace="http://digital-repositories.org/ontologies/dspace/0.1.0#"
    xmlns:foaf="http://xmlns.com/foaf/0.1/"
    xmlns:void="http://rdfs.org/ns/void#"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema#" > 
  <rdf:Description rdf:about="https://kops.uni-konstanz.de/server/rdf/resource/123456789/22519">
    <dcterms:title>Visual analytics for BGP monitoring and prefix hijacking identification</dcterms:title>
    <dc:creator>Jacquemart, Quentin</dc:creator>
    <dc:contributor>Fischer, Fabian</dc:contributor>
    <dcterms:available rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2013-04-08T12:14:32Z</dcterms:available>
    <dc:contributor>Biersack, Ernst</dc:contributor>
    <foaf:homepage rdf:resource="http://localhost:8080/"/>
    <dcterms:bibliographicCitation>IEEE network ; 26 (2012), 6. - S. 33-39</dcterms:bibliographicCitation>
    <dc:creator>Vervier, Pierre-Antoine</dc:creator>
    <dspace:isPartOfCollection rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/>
    <dc:language>eng</dc:language>
    <dc:creator>Theodoridis, Georgios</dc:creator>
    <dc:contributor>Fuchs, Johannes</dc:contributor>
    <dc:creator>Biersack, Ernst</dc:creator>
    <void:sparqlEndpoint rdf:resource="http://localhost/fuseki/dspace/sparql"/>
    <dc:rights>terms-of-use</dc:rights>
    <dc:creator>Thonnard, Olivier</dc:creator>
    <dc:contributor>Tzovaras, Dimitrios</dc:contributor>
    <dc:creator>Tzovaras, Dimitrios</dc:creator>
    <dc:creator>Fischer, Fabian</dc:creator>
    <dc:contributor>Thonnard, Olivier</dc:contributor>
    <bibo:uri rdf:resource="http://kops.uni-konstanz.de/handle/123456789/22519"/>
    <dc:contributor>Vervier, Pierre-Antoine</dc:contributor>
    <dcterms:abstract xml:lang="eng">The control plane of the Internet relies entirely on BGP as the interdomain routing protocol to maintain and exchange routing information between large network providers and their customers. However, an intrinsic vulnerability of the protocol is its inability to validate the integrity and correctness of routing information exchanged between peer routers. As a result, it is relatively easy for people with malicious intent to steal legitimate IP blocks through an attack known as prefix hijacking, which essentially consists of injecting bogus routing information into the system to redirect or subvert network traffic. In this article, we give a short survey of visualization methods that have been developed for BGP monitoring, in particular for the identification of prefix hijacks. Our goal is to illustrate how network visualization has the potential to assist an analyst in detecting abnormal routing patterns in massive amounts of BGP data. Finally, we present an analysis of a real validated case of prefix hijacking, which took place between April and August 2011. We use this hijack case study to illustrate the ongoing work carried out in VIS-SENSE, a European research project that leverages visual analytics to develop more effective tools for BGP monitoring and prefix hijack detection.</dcterms:abstract>
    <dc:contributor>Jacquemart, Quentin</dc:contributor>
    <dcterms:rights rdf:resource="https://rightsstatements.org/page/InC/1.0/"/>
    <dc:contributor>Theodoridis, Georgios</dc:contributor>
    <dc:creator>Fuchs, Johannes</dc:creator>
    <dc:date rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2013-04-08T12:14:32Z</dc:date>
    <dcterms:issued>2012</dcterms:issued>
    <dcterms:isPartOf rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/>
  </rdf:Description>
</rdf:RDF>
Interner Vermerk
xmlui.Submission.submit.DescribeStep.inputForms.label.kops_note_fromSubmitter
Kontakt
URL der Originalveröffentl.
Prüfdatum der URL
Prüfungsdatum der Dissertation
Finanzierungsart
Kommentar zur Publikation
Allianzlizenz
Corresponding Authors der Uni Konstanz vorhanden
Internationale Co-Autor:innen
Universitätsbibliographie
Ja
Begutachtet