A Prefix Hijacking Detection Model Based on the Immune Network Theory

A Prefix Hijacking Detection Model Based on the Immune Network Theory

The prefix hijacking problem is an urgent security issue that need to address in the Border Gateway Protocol (BGP) security research. In order to solve the problem of prefix hijacking in BGP, we propose (a) new (p)refix (h)ijacking (d)etection model based on the immune network theory in this paper,...

Full description

Bibliographic Details
Main Authors: Jian Zhang, Daofeng Li, Bowen Zhao
Format: Article
Language:English
Published: IEEE 2019-01-01
Series:IEEE Access
Subjects:
Immune network theory
prefix hijacking
BGP security
negative selection
Online Access:https://ieeexplore.ieee.org/document/8835890/
Description
Summary:The prefix hijacking problem is an urgent security issue that need to address in the Border Gateway Protocol (BGP) security research. In order to solve the problem of prefix hijacking in BGP, we propose (a) new (p)refix (h)ijacking (d)etection model based on the immune network theory in this paper, called aPHD. To be specific, aPHD uses real BGP UPDATE messages for pre-training and has the ability to detect UPDATE messages in real time after pre-training. The aPHD (1) can effectively detect prefix hijacking attacks with high accuracy; (2)is easy to deployment; and (3) has a low false positive rate and low overhead. Extensive performance evaluation shows that our solution is secure and feasible. The aPHD improved the accuracy rate by 6.2% and reduced the false positive rate by 85.7%.
ISSN:2169-3536

Similar Items