- May 4, 2019
- 801
Researchers at MIT and MIT’s CSAIL AI research lab have detailed a new approach to address serial abusers of the Border Gateway Protocol (BGP), which attackers use to trick other networks into misdirecting internet traffic for snooping, phishing, or and denial of service attacks.
The machine learning approach is detailed in a paper titled “Profiling BGP Serial Hijackers: Capturing Persistent Misbehavior in the Global Routing Table” that the researchers will present at a conference in Amsterdam later this month.
ISPs can intentionally or inadvertently hijack BGP routing by wrongly announcing another network’s IP address blocks, causing other ISPs and internet infrastructure providers to incorrectly reroute traffic, which in the past has led to vast amounts traffic from Amazon, Google, and Microsoft erroneously ending up in places like Iran, China and Russia.
The MIT researchers ran a longitudinal survey of so-called "serial BGP hijackers" by looking at past instances of known and persistent bad behavior linked to Autonomous System (AS) numbers, which is how ISPs are identified in BGP route tables.
MIT AI researchers devise approach to detect ‘serial BGP hijackers’
MIT researchers look at serial Internet address hijackers to model behavior that could help good ISPs respond faster to bad ISPs.
www.cso.com.au