By Topic

A Method for Real-Time Identification of Malformed BGP Messages

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Watari, M. ; KDDI R&D Labs. Inc., Saitama, Japan ; Peng Jiang ; Tachibana, A. ; Ano, S.

The BGP routing system is one of the key component of today's Internet infrastructure responsible for carrying data traffic across different Autonomous Systems (ASes). Recently, malformed BGP messages have become a threat to the operational community as they repeatedly cause BGP session resets until identified. However, the identification of the message itself is often difficult in large ISP networks. In this paper, we propose a novel method for real-time identification of these messages by using passively collects BGP messages. Our method focuses on the frequency of observed attributes and values of prefixes advertised by each AS. Based on our heuristics that common attributes are observed at similar time scale, we periodically measure the usage frequency of attributes from BGP messages observed in real-time and mark attributes and values used by minority of the AS as suspicious. We verify the efficiency of our method using BGP data obtained from operational networks.

Published in:

Applications and the Internet (SAINT), 2011 IEEE/IPSJ 11th International Symposium on

Date of Conference:

18-21 July 2011