Researchers at MIT and MIT’s
CSAIL AI research lab have detailed a new approach to address serial abusers of the
Border Gateway Protocol (BGP), which attackers use to trick other networks into misdirecting internet traffic for snooping, phishing, or and denial of service attacks.
The machine learning approach is detailed in a paper titled
“Profiling BGP Serial Hijackers: Capturing Persistent Misbehavior in the Global Routing Table” that the researchers will present at a conference in Amsterdam later this month.
ISPs can intentionally or inadvertently hijack BGP routing by wrongly announcing another network’s IP address blocks, causing other ISPs and internet infrastructure providers to incorrectly reroute traffic, which in the past has led to vast amounts traffic from Amazon, Google, and Microsoft erroneously ending up in
places like Iran,
China and
Russia.
The MIT researchers ran a longitudinal survey of so-called "serial BGP hijackers" by looking at past instances of known and persistent bad behavior linked to Autonomous System (AS) numbers, which is how ISPs are identified in BGP route tables.
![[correlate]](/data/avatars/m/79/79653.jpg?1556985072){kind=avatar}
