@inproceedings{d463bf40fee6450ea4258572d73fde6c,
title = "How to prevent AS hijacking attacks",
abstract = "The Border Gateway Protocol (BGP) was designed without security aspects in mind. This fact makes the Internet vulnerable to attacks: complete networks can be hijacked to blackhole or intercept traffic. In this work, we extend the set of known hijacking attacks with a real case study on AS hijacking, carried out in order to send spam from a victim's network. This type of attack is more sophisticated than common IP prefix hijacking, and is aimed at a long-term benefit, with effective use for several months. On our poster, we thoroughly investigate the aforementioned incident based on live data from both the control and the data plane. Our analysis yields insights into the attacker's proceeding to covertly hijack a whole autonomous system, mislead an upstream provider and abuse an unallocated address space. We further discuss the potential for prevention and reveal shortcomings of state of the art BGP security extensions like RPKI. Based on these findings, we outline the concept of an early warning system for AS hijacking with pre-emptive capabilities.",
keywords = "AS Hijacking, BGP, Case Study, Monitoring, Prefix Hijacking",
author = "Johann Schlamp and Georg Carle and Biersack, \{Ernst W.\}",
year = "2012",
doi = "10.1145/2413247.2413265",
language = "English",
isbn = "9781450317757",
series = "CoNEXT Student 2012 - Proceedings of the ACM Conference on the 2012 CoNEXT Student Workshop",
pages = "29--30",
booktitle = "CoNEXT Student 2012 - Proceedings of the ACM Conference on the 2012 CoNEXT Student Workshop",
note = "2012 ACM CoNEXT Student Workshop, CoNEXT Student 2012 ; Conference date: 10-12-2012 Through 10-12-2012",
}