Visual analytics for BGP monitoring and prefix hijacking identification

Biersack, Ernst; Jacquemart, Quentin; Fischer, Fabian; Fuchs, Johannes; Thonnard, Olivier; Theodoridis, Georgios; Tzovaras, Dimitrios; Vervier, Pierre-Antoine

doi:10.1109/MNET.2012.6375891

Visual analytics for BGP monitoring and prefix hijacking identification

dc.contributor.author	Biersack, Ernst	deu
dc.contributor.author	Jacquemart, Quentin	deu
dc.contributor.author	Fischer, Fabian
dc.contributor.author	Fuchs, Johannes
dc.contributor.author	Thonnard, Olivier	deu
dc.contributor.author	Theodoridis, Georgios	deu
dc.contributor.author	Tzovaras, Dimitrios	deu
dc.contributor.author	Vervier, Pierre-Antoine	deu
dc.date.accessioned	2013-04-08T12:14:32Z	deu
dc.date.available	2013-04-08T12:14:32Z	deu
dc.date.issued	2012
dc.description.abstract	The control plane of the Internet relies entirely on BGP as the interdomain routing protocol to maintain and exchange routing information between large network providers and their customers. However, an intrinsic vulnerability of the protocol is its inability to validate the integrity and correctness of routing information exchanged between peer routers. As a result, it is relatively easy for people with malicious intent to steal legitimate IP blocks through an attack known as prefix hijacking, which essentially consists of injecting bogus routing information into the system to redirect or subvert network traffic. In this article, we give a short survey of visualization methods that have been developed for BGP monitoring, in particular for the identification of prefix hijacks. Our goal is to illustrate how network visualization has the potential to assist an analyst in detecting abnormal routing patterns in massive amounts of BGP data. Finally, we present an analysis of a real validated case of prefix hijacking, which took place between April and August 2011. We use this hijack case study to illustrate the ongoing work carried out in VIS-SENSE, a European research project that leverages visual analytics to develop more effective tools for BGP monitoring and prefix hijack detection.	eng
dc.description.version	published
dc.identifier.citation	IEEE network ; 26 (2012), 6. - S. 33-39	deu
dc.identifier.doi	10.1109/MNET.2012.6375891	deu
dc.identifier.uri	http://kops.uni-konstanz.de/handle/123456789/22519
dc.language.iso	eng	deu
dc.legacy.dateIssued	2013-04-08	deu
dc.rights	terms-of-use	deu
dc.rights.uri	https://rightsstatements.org/page/InC/1.0/	deu
dc.subject.ddc	004	deu
dc.title	Visual analytics for BGP monitoring and prefix hijacking identification	eng
dc.type	JOURNAL_ARTICLE	deu
dspace.entity.type	Publication
kops.citation.bibtex	@article{Biersack2012Visua-22519, year={2012}, doi={10.1109/MNET.2012.6375891}, title={Visual analytics for BGP monitoring and prefix hijacking identification}, number={6}, volume={26}, issn={0890-8044}, journal={IEEE Network}, pages={33--39}, author={Biersack, Ernst and Jacquemart, Quentin and Fischer, Fabian and Fuchs, Johannes and Thonnard, Olivier and Theodoridis, Georgios and Tzovaras, Dimitrios and Vervier, Pierre-Antoine} }
kops.citation.iso690	BIERSACK, Ernst, Quentin JACQUEMART, Fabian FISCHER, Johannes FUCHS, Olivier THONNARD, Georgios THEODORIDIS, Dimitrios TZOVARAS, Pierre-Antoine VERVIER, 2012. Visual analytics for BGP monitoring and prefix hijacking identification. In: IEEE Network. 2012, 26(6), pp. 33-39. ISSN 0890-8044. Available under: doi: 10.1109/MNET.2012.6375891	deu
kops.citation.iso690	BIERSACK, Ernst, Quentin JACQUEMART, Fabian FISCHER, Johannes FUCHS, Olivier THONNARD, Georgios THEODORIDIS, Dimitrios TZOVARAS, Pierre-Antoine VERVIER, 2012. Visual analytics for BGP monitoring and prefix hijacking identification. In: IEEE Network. 2012, 26(6), pp. 33-39. ISSN 0890-8044. Available under: doi: 10.1109/MNET.2012.6375891	eng
kops.citation.rdf	<rdf:RDF xmlns:dcterms="http://purl.org/dc/terms/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:bibo="http://purl.org/ontology/bibo/" xmlns:dspace="http://digital-repositories.org/ontologies/dspace/0.1.0#" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:void="http://rdfs.org/ns/void#" xmlns:xsd="http://www.w3.org/2001/XMLSchema#" > <rdf:Description rdf:about="https://kops.uni-konstanz.de/server/rdf/resource/123456789/22519"> <dcterms:title>Visual analytics for BGP monitoring and prefix hijacking identification</dcterms:title> <dc:creator>Jacquemart, Quentin</dc:creator> <dc:contributor>Fischer, Fabian</dc:contributor> <dcterms:available rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2013-04-08T12:14:32Z</dcterms:available> <dc:contributor>Biersack, Ernst</dc:contributor> <foaf:homepage rdf:resource="http://localhost:8080/"/> <dcterms:bibliographicCitation>IEEE network ; 26 (2012), 6. - S. 33-39</dcterms:bibliographicCitation> <dc:creator>Vervier, Pierre-Antoine</dc:creator> <dspace:isPartOfCollection rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/> <dc:language>eng</dc:language> <dc:creator>Theodoridis, Georgios</dc:creator> <dc:contributor>Fuchs, Johannes</dc:contributor> <dc:creator>Biersack, Ernst</dc:creator> <void:sparqlEndpoint rdf:resource="http://localhost/fuseki/dspace/sparql"/> <dc:rights>terms-of-use</dc:rights> <dc:creator>Thonnard, Olivier</dc:creator> <dc:contributor>Tzovaras, Dimitrios</dc:contributor> <dc:creator>Tzovaras, Dimitrios</dc:creator> <dc:creator>Fischer, Fabian</dc:creator> <dc:contributor>Thonnard, Olivier</dc:contributor> <bibo:uri rdf:resource="http://kops.uni-konstanz.de/handle/123456789/22519"/> <dc:contributor>Vervier, Pierre-Antoine</dc:contributor> <dcterms:abstract xml:lang="eng">The control plane of the Internet relies entirely on BGP as the interdomain routing protocol to maintain and exchange routing information between large network providers and their customers. However, an intrinsic vulnerability of the protocol is its inability to validate the integrity and correctness of routing information exchanged between peer routers. As a result, it is relatively easy for people with malicious intent to steal legitimate IP blocks through an attack known as prefix hijacking, which essentially consists of injecting bogus routing information into the system to redirect or subvert network traffic. In this article, we give a short survey of visualization methods that have been developed for BGP monitoring, in particular for the identification of prefix hijacks. Our goal is to illustrate how network visualization has the potential to assist an analyst in detecting abnormal routing patterns in massive amounts of BGP data. Finally, we present an analysis of a real validated case of prefix hijacking, which took place between April and August 2011. We use this hijack case study to illustrate the ongoing work carried out in VIS-SENSE, a European research project that leverages visual analytics to develop more effective tools for BGP monitoring and prefix hijack detection.</dcterms:abstract> <dc:contributor>Jacquemart, Quentin</dc:contributor> <dcterms:rights rdf:resource="https://rightsstatements.org/page/InC/1.0/"/> <dc:contributor>Theodoridis, Georgios</dc:contributor> <dc:creator>Fuchs, Johannes</dc:creator> <dc:date rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2013-04-08T12:14:32Z</dc:date> <dcterms:issued>2012</dcterms:issued> <dcterms:isPartOf rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/> </rdf:Description> </rdf:RDF>
kops.flag.knbibliography	true
kops.identifier.nbn	urn:nbn:de:bsz:352-225199	deu
kops.sourcefield	IEEE Network. 2012, <b>26</b>(6), pp. 33-39. ISSN 0890-8044. Available under: doi: 10.1109/MNET.2012.6375891	deu
kops.sourcefield.plain	IEEE Network. 2012, 26(6), pp. 33-39. ISSN 0890-8044. Available under: doi: 10.1109/MNET.2012.6375891	deu
kops.sourcefield.plain	IEEE Network. 2012, 26(6), pp. 33-39. ISSN 0890-8044. Available under: doi: 10.1109/MNET.2012.6375891	eng
kops.submitter.email	christoph.petzmann@uni-konstanz.de	deu
relation.isAuthorOfPublication	7a775974-2508-4a1c-b786-d48032df7443
relation.isAuthorOfPublication	6dc854f5-8120-4da2-9c7a-c42f860f77fc
relation.isAuthorOfPublication.latestForDiscovery	7a775974-2508-4a1c-b786-d48032df7443
source.bibliographicInfo.fromPage	33
source.bibliographicInfo.issue	6
source.bibliographicInfo.toPage	39
source.bibliographicInfo.volume	26
source.identifier.issn	0890-8044
source.periodicalTitle	IEEE Network

Dateien

Lizenzbündel

Gerade angezeigt 1 - 1 von 1

Name:: license.txt
Größe:: 1.92 KB
Format:: Plain Text
Beschreibung:

license.txtGröße: 1.92 KBDownloads: 0

Sammlungen

Informatik und Informationswissenschaft: Publikationen