Visual analytics for BGP monitoring and prefix hijacking identification
Dateien
Datum
Autor:innen
Herausgeber:innen
ISSN der Zeitschrift
Electronic ISSN
ISBN
Bibliografische Daten
Verlag
Schriftenreihe
Auflagebezeichnung
URI (zitierfähiger Link)
DOI (zitierfähiger Link)
Internationale Patentnummer
EU-Projektnummer
DFG-Projektnummer
Projekt
Open Access-Veröffentlichung
Sammlungen
Titel in einer weiteren Sprache
Publikationstyp
Publikationsstatus
unikn.publication.listelement.citation.prefix.version.undefined
Zusammenfassung
The control plane of the Internet relies entirely on BGP as the interdomain routing protocol to maintain and exchange routing information between large network providers and their customers. However, an intrinsic vulnerability of the protocol is its inability to validate the integrity and correctness of routing information exchanged between peer routers. As a result, it is relatively easy for people with malicious intent to steal legitimate IP blocks through an attack known as prefix hijacking, which essentially consists of injecting bogus routing information into the system to redirect or subvert network traffic. In this article, we give a short survey of visualization methods that have been developed for BGP monitoring, in particular for the identification of prefix hijacks. Our goal is to illustrate how network visualization has the potential to assist an analyst in detecting abnormal routing patterns in massive amounts of BGP data. Finally, we present an analysis of a real validated case of prefix hijacking, which took place between April and August 2011. We use this hijack case study to illustrate the ongoing work carried out in VIS-SENSE, a European research project that leverages visual analytics to develop more effective tools for BGP monitoring and prefix hijack detection.
Zusammenfassung in einer weiteren Sprache
Fachgebiet (DDC)
Schlagwörter
Konferenz
Rezension
Zitieren
ISO 690
BIERSACK, Ernst, Quentin JACQUEMART, Fabian FISCHER, Johannes FUCHS, Olivier THONNARD, Georgios THEODORIDIS, Dimitrios TZOVARAS, Pierre-Antoine VERVIER, 2012. Visual analytics for BGP monitoring and prefix hijacking identification. In: IEEE Network. 2012, 26(6), pp. 33-39. ISSN 0890-8044. Available under: doi: 10.1109/MNET.2012.6375891BibTex
@article{Biersack2012Visua-22519, year={2012}, doi={10.1109/MNET.2012.6375891}, title={Visual analytics for BGP monitoring and prefix hijacking identification}, number={6}, volume={26}, issn={0890-8044}, journal={IEEE Network}, pages={33--39}, author={Biersack, Ernst and Jacquemart, Quentin and Fischer, Fabian and Fuchs, Johannes and Thonnard, Olivier and Theodoridis, Georgios and Tzovaras, Dimitrios and Vervier, Pierre-Antoine} }
RDF
<rdf:RDF xmlns:dcterms="http://purl.org/dc/terms/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:bibo="http://purl.org/ontology/bibo/" xmlns:dspace="http://digital-repositories.org/ontologies/dspace/0.1.0#" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:void="http://rdfs.org/ns/void#" xmlns:xsd="http://www.w3.org/2001/XMLSchema#" > <rdf:Description rdf:about="https://kops.uni-konstanz.de/server/rdf/resource/123456789/22519"> <dcterms:title>Visual analytics for BGP monitoring and prefix hijacking identification</dcterms:title> <dc:creator>Jacquemart, Quentin</dc:creator> <dc:contributor>Fischer, Fabian</dc:contributor> <dcterms:available rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2013-04-08T12:14:32Z</dcterms:available> <dc:contributor>Biersack, Ernst</dc:contributor> <foaf:homepage rdf:resource="http://localhost:8080/"/> <dcterms:bibliographicCitation>IEEE network ; 26 (2012), 6. - S. 33-39</dcterms:bibliographicCitation> <dc:creator>Vervier, Pierre-Antoine</dc:creator> <dspace:isPartOfCollection rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/> <dc:language>eng</dc:language> <dc:creator>Theodoridis, Georgios</dc:creator> <dc:contributor>Fuchs, Johannes</dc:contributor> <dc:creator>Biersack, Ernst</dc:creator> <void:sparqlEndpoint rdf:resource="http://localhost/fuseki/dspace/sparql"/> <dc:rights>terms-of-use</dc:rights> <dc:creator>Thonnard, Olivier</dc:creator> <dc:contributor>Tzovaras, Dimitrios</dc:contributor> <dc:creator>Tzovaras, Dimitrios</dc:creator> <dc:creator>Fischer, Fabian</dc:creator> <dc:contributor>Thonnard, Olivier</dc:contributor> <bibo:uri rdf:resource="http://kops.uni-konstanz.de/handle/123456789/22519"/> <dc:contributor>Vervier, Pierre-Antoine</dc:contributor> <dcterms:abstract xml:lang="eng">The control plane of the Internet relies entirely on BGP as the interdomain routing protocol to maintain and exchange routing information between large network providers and their customers. However, an intrinsic vulnerability of the protocol is its inability to validate the integrity and correctness of routing information exchanged between peer routers. As a result, it is relatively easy for people with malicious intent to steal legitimate IP blocks through an attack known as prefix hijacking, which essentially consists of injecting bogus routing information into the system to redirect or subvert network traffic. In this article, we give a short survey of visualization methods that have been developed for BGP monitoring, in particular for the identification of prefix hijacks. Our goal is to illustrate how network visualization has the potential to assist an analyst in detecting abnormal routing patterns in massive amounts of BGP data. Finally, we present an analysis of a real validated case of prefix hijacking, which took place between April and August 2011. We use this hijack case study to illustrate the ongoing work carried out in VIS-SENSE, a European research project that leverages visual analytics to develop more effective tools for BGP monitoring and prefix hijack detection.</dcterms:abstract> <dc:contributor>Jacquemart, Quentin</dc:contributor> <dcterms:rights rdf:resource="https://rightsstatements.org/page/InC/1.0/"/> <dc:contributor>Theodoridis, Georgios</dc:contributor> <dc:creator>Fuchs, Johannes</dc:creator> <dc:date rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2013-04-08T12:14:32Z</dc:date> <dcterms:issued>2012</dcterms:issued> <dcterms:isPartOf rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/> </rdf:Description> </rdf:RDF>