Understanding resiliency of internet topology against prefix hijack attacks

Mohit Lad; Ricardo Oliveira; Beichuan Zhang; Lixia Zhang

doi:10.1109/DSN.2007.95

Understanding resiliency of internet topology against prefix hijack attacks

Mohit Lad, Ricardo Oliveira, Beichuan Zhang, Lixia Zhang

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

63 Scopus citations

Abstract

A prefix hijack attack involves an attacker announcing victim networks' IP prefixes into the global routing system. As a result, data traffic from portions of the Internet can be diverted to attacker networks. Prefix hijack attacks are a serious security threat in the Internet and it is important to understand the factors that affect the resiliency of victim networks against these attacks. In this paper, we conducted a systematic study to gauge the effectiveness of prefix hijacks launched at different locations in the Internet topology. Our study shows that direct customers of multiple tier1 networks are the most resilient, even more than the tier-1 networks themselves. Conversely, if these customer networks are used to launch prefix hijacks, they would also be the most effective launching pads for attacks. We verified our results through case studies using real prefix hijack incidents that had occurred in the Internet.

Original language	English (US)
Title of host publication	Proceedings - 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2007
Pages	368-377
Number of pages	10
DOIs	https://doi.org/10.1109/DSN.2007.95
State	Published - 2007
Event	37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2007 - Edinburgh, United Kingdom Duration: Jun 25 2007 → Jun 28 2007

Publication series

Name	Proceedings of the International Conference on Dependable Systems and Networks

Other

Other	37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2007
Country/Territory	United Kingdom
City	Edinburgh
Period	6/25/07 → 6/28/07

ASJC Scopus subject areas

Software
Hardware and Architecture
Computer Networks and Communications

Access to Document

10.1109/DSN.2007.95

Cite this

Lad, M., Oliveira, R., Zhang, B., & Zhang, L. (2007). Understanding resiliency of internet topology against prefix hijack attacks. In Proceedings - 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2007 (pp. 368-377). Article 4272988 (Proceedings of the International Conference on Dependable Systems and Networks). https://doi.org/10.1109/DSN.2007.95

Understanding resiliency of internet topology against prefix hijack attacks. / Lad, Mohit; Oliveira, Ricardo; Zhang, Beichuan et al.
Proceedings - 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2007. 2007. p. 368-377 4272988 (Proceedings of the International Conference on Dependable Systems and Networks).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Lad, M, Oliveira, R, Zhang, B & Zhang, L 2007, Understanding resiliency of internet topology against prefix hijack attacks. in Proceedings - 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2007., 4272988, Proceedings of the International Conference on Dependable Systems and Networks, pp. 368-377, 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2007, Edinburgh, United Kingdom, 6/25/07. https://doi.org/10.1109/DSN.2007.95

@inproceedings{db662167ea2a4be9a7ecbf3b432d3b06,

title = "Understanding resiliency of internet topology against prefix hijack attacks",

abstract = "A prefix hijack attack involves an attacker announcing victim networks' IP prefixes into the global routing system. As a result, data traffic from portions of the Internet can be diverted to attacker networks. Prefix hijack attacks are a serious security threat in the Internet and it is important to understand the factors that affect the resiliency of victim networks against these attacks. In this paper, we conducted a systematic study to gauge the effectiveness of prefix hijacks launched at different locations in the Internet topology. Our study shows that direct customers of multiple tier1 networks are the most resilient, even more than the tier-1 networks themselves. Conversely, if these customer networks are used to launch prefix hijacks, they would also be the most effective launching pads for attacks. We verified our results through case studies using real prefix hijack incidents that had occurred in the Internet.",

author = "Mohit Lad and Ricardo Oliveira and Beichuan Zhang and Lixia Zhang",

year = "2007",

doi = "10.1109/DSN.2007.95",

language = "English (US)",

isbn = "0769528554",

series = "Proceedings of the International Conference on Dependable Systems and Networks",

pages = "368--377",

booktitle = "Proceedings - 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2007",

note = "37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2007 ; Conference date: 25-06-2007 Through 28-06-2007",

}

TY - GEN

T1 - Understanding resiliency of internet topology against prefix hijack attacks

AU - Lad, Mohit

AU - Oliveira, Ricardo

AU - Zhang, Beichuan

AU - Zhang, Lixia

PY - 2007

Y1 - 2007

N2 - A prefix hijack attack involves an attacker announcing victim networks' IP prefixes into the global routing system. As a result, data traffic from portions of the Internet can be diverted to attacker networks. Prefix hijack attacks are a serious security threat in the Internet and it is important to understand the factors that affect the resiliency of victim networks against these attacks. In this paper, we conducted a systematic study to gauge the effectiveness of prefix hijacks launched at different locations in the Internet topology. Our study shows that direct customers of multiple tier1 networks are the most resilient, even more than the tier-1 networks themselves. Conversely, if these customer networks are used to launch prefix hijacks, they would also be the most effective launching pads for attacks. We verified our results through case studies using real prefix hijack incidents that had occurred in the Internet.

AB - A prefix hijack attack involves an attacker announcing victim networks' IP prefixes into the global routing system. As a result, data traffic from portions of the Internet can be diverted to attacker networks. Prefix hijack attacks are a serious security threat in the Internet and it is important to understand the factors that affect the resiliency of victim networks against these attacks. In this paper, we conducted a systematic study to gauge the effectiveness of prefix hijacks launched at different locations in the Internet topology. Our study shows that direct customers of multiple tier1 networks are the most resilient, even more than the tier-1 networks themselves. Conversely, if these customer networks are used to launch prefix hijacks, they would also be the most effective launching pads for attacks. We verified our results through case studies using real prefix hijack incidents that had occurred in the Internet.

UR - http://www.scopus.com/inward/record.url?scp=36048995031&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=36048995031&partnerID=8YFLogxK

U2 - 10.1109/DSN.2007.95

DO - 10.1109/DSN.2007.95

M3 - Conference contribution

AN - SCOPUS:36048995031

SN - 0769528554

SN - 9780769528557

T3 - Proceedings of the International Conference on Dependable Systems and Networks

SP - 368

EP - 377

BT - Proceedings - 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2007

T2 - 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2007

Y2 - 25 June 2007 through 28 June 2007

ER -

Understanding resiliency of internet topology against prefix hijack attacks

Abstract

Publication series

Other

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this