The BGP Visibility Toolkit: detecting anomalous internet routing behavior

publication date

  • April 2016

start page

  • 1237

end page

  • 1250

issue

  • 2

volume

  • 24

International Standard Serial Number (ISSN)

  • 1063-6692

Electronic International Standard Serial Number (EISSN)

  • 1558-2566

abstract

  • In this paper, we propose the BGP Visibility Toolkit, a system for detecting and analyzing anomalous behavior in the Internet. We show that interdomain prefix visibility can be used to single out cases of erroneous demeanors resulting from misconfiguration or bogus routing policies. The implementation of routing policies with BGP is a complicated process, involving fine-tuning operations and interactions with the policies of the other active ASes. Network operators might end up with faulty configurations or unintended routing policies that prevent the success of their strategies and impact their revenues. As part of the Visibility Toolkit, we propose the BGP Visibility Scanner, a tool which identifies limited visibility prefixes in the Internet. The tool enables operators to provide feedback on the expected visibility status of prefixes. We build a unique set of ground-truth prefixes qualified by their ASes as intended or unintended to have limited visibility.

keywords

  • anomaly detection; bgp; internet measurement; machine assembly