Metis: Detecting Fake AS-PATHs Based on Link Prediction

Chengwan Zhang; Congcong Miao; Changqing An; Anlun Hong; Ning Wang; Zhiquan Wang; Jilong Wang

doi:10.1109/ISCC58397.2023.10218104

Metis: Detecting Fake AS-PATHs Based on Link Prediction

Chengwan Zhang, Congcong Miao, Changqing An, Anlun Hong, Ning Wang, Zhiquan Wang, Jilong Wang

School of Electrical, Electronic and Mechanical Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference Contribution (Conference Proceeding)

2 Citations (Scopus)

Abstract

BGP route hijacking is a critical threat to the Internet. Existing works on path hijacking detection firstly monitor the routes of the whole network and then directly trigger a suspicious alarm if the link has not been seen before. However, these naive approaches will cause false positive identification and introduce unnecessary verification overhead. In this work, we propose Metis, a matching-And-prediction system to filter out normal unseen links. We first use a matching method with three rules to find out suspicious links if there is an unseen AS. Otherwise, we propose using a neural network to make a prediction based on the AS information at each end of the link and further quantify the suspicion level. Our large-scale simulation results show that Metis can achieve precision and recall of over 80% for detecting fake AS-PATHs. Moreover, our deployment experiences show that compared to state-of-the-art system, Metis can save 80% overhead.

Original language	English
Title of host publication	ISCC 2023 - 28th IEEE Symposium on Computers and Communications
Subtitle of host publication	Computers and Communications for the Benefits of Humanity
Publisher	Institute of Electrical and Electronics Engineers (IEEE)
Pages	656-662
Number of pages	7
ISBN (Electronic)	9798350300482
ISBN (Print)	9798350300499
DOIs	https://doi.org/10.1109/ISCC58397.2023.10218104
Publication status	Published - 28 Aug 2023
Event	28th IEEE Symposium on Computers and Communications, ISCC 2023 - Hybrid, Gammarth, Tunisia Duration: 9 Jul 2023 → 12 Jul 2023

Publication series

Name	IEEE Symposium on Computers and Communications
Publisher	IEEE
ISSN (Print)	1530-1346
ISSN (Electronic)	2642-7389

Conference

Conference	28th IEEE Symposium on Computers and Communications, ISCC 2023
Country/Territory	Tunisia
City	Hybrid, Gammarth
Period	9/07/23 → 12/07/23

Bibliographical note

Publisher Copyright:
© 2023 IEEE.

Keywords

BGP anomaly
Link prediction
Prefix hijack detection

Access to Document

10.1109/ISCC58397.2023.10218104

Handle.net

Persistent link

Cite this

Zhang, C., Miao, C., An, C., Hong, A., Wang, N., Wang, Z., & Wang, J. (2023). Metis: Detecting Fake AS-PATHs Based on Link Prediction. In ISCC 2023 - 28th IEEE Symposium on Computers and Communications: Computers and Communications for the Benefits of Humanity (pp. 656-662). ( IEEE Symposium on Computers and Communications). Institute of Electrical and Electronics Engineers (IEEE). https://doi.org/10.1109/ISCC58397.2023.10218104

@inproceedings{8d442a6211be458d82c5e76b57c8dd8d,

title = "Metis: Detecting Fake AS-PATHs Based on Link Prediction",

abstract = "BGP route hijacking is a critical threat to the Internet. Existing works on path hijacking detection firstly monitor the routes of the whole network and then directly trigger a suspicious alarm if the link has not been seen before. However, these naive approaches will cause false positive identification and introduce unnecessary verification overhead. In this work, we propose Metis, a matching-And-prediction system to filter out normal unseen links. We first use a matching method with three rules to find out suspicious links if there is an unseen AS. Otherwise, we propose using a neural network to make a prediction based on the AS information at each end of the link and further quantify the suspicion level. Our large-scale simulation results show that Metis can achieve precision and recall of over 80\% for detecting fake AS-PATHs. Moreover, our deployment experiences show that compared to state-of-the-art system, Metis can save 80\% overhead.",

keywords = "BGP anomaly, Link prediction, Prefix hijack detection",

author = "Chengwan Zhang and Congcong Miao and Changqing An and Anlun Hong and Ning Wang and Zhiquan Wang and Jilong Wang",

note = "Publisher Copyright: {\textcopyright} 2023 IEEE.; 28th IEEE Symposium on Computers and Communications, ISCC 2023 ; Conference date: 09-07-2023 Through 12-07-2023",

year = "2023",

month = aug,

day = "28",

doi = "10.1109/ISCC58397.2023.10218104",

language = "English",

isbn = "9798350300499",

series = " IEEE Symposium on Computers and Communications",

publisher = "Institute of Electrical and Electronics Engineers (IEEE)",

pages = "656--662",

booktitle = "ISCC 2023 - 28th IEEE Symposium on Computers and Communications",

address = "United States",

}

Zhang, C, Miao, C, An, C, Hong, A, Wang, N, Wang, Z & Wang, J 2023, Metis: Detecting Fake AS-PATHs Based on Link Prediction. in ISCC 2023 - 28th IEEE Symposium on Computers and Communications: Computers and Communications for the Benefits of Humanity. IEEE Symposium on Computers and Communications, Institute of Electrical and Electronics Engineers (IEEE), pp. 656-662, 28th IEEE Symposium on Computers and Communications, ISCC 2023, Hybrid, Gammarth, Tunisia, 9/07/23. https://doi.org/10.1109/ISCC58397.2023.10218104

Metis: Detecting Fake AS-PATHs Based on Link Prediction. / Zhang, Chengwan; Miao, Congcong; An, Changqing et al.
ISCC 2023 - 28th IEEE Symposium on Computers and Communications: Computers and Communications for the Benefits of Humanity. Institute of Electrical and Electronics Engineers (IEEE), 2023. p. 656-662 ( IEEE Symposium on Computers and Communications).

Research output: Chapter in Book/Report/Conference proceeding › Conference Contribution (Conference Proceeding)

TY - GEN

T1 - Metis

T2 - 28th IEEE Symposium on Computers and Communications, ISCC 2023

AU - Zhang, Chengwan

AU - Miao, Congcong

AU - An, Changqing

AU - Hong, Anlun

AU - Wang, Ning

AU - Wang, Zhiquan

AU - Wang, Jilong

PY - 2023/8/28

Y1 - 2023/8/28

N2 - BGP route hijacking is a critical threat to the Internet. Existing works on path hijacking detection firstly monitor the routes of the whole network and then directly trigger a suspicious alarm if the link has not been seen before. However, these naive approaches will cause false positive identification and introduce unnecessary verification overhead. In this work, we propose Metis, a matching-And-prediction system to filter out normal unseen links. We first use a matching method with three rules to find out suspicious links if there is an unseen AS. Otherwise, we propose using a neural network to make a prediction based on the AS information at each end of the link and further quantify the suspicion level. Our large-scale simulation results show that Metis can achieve precision and recall of over 80% for detecting fake AS-PATHs. Moreover, our deployment experiences show that compared to state-of-the-art system, Metis can save 80% overhead.

AB - BGP route hijacking is a critical threat to the Internet. Existing works on path hijacking detection firstly monitor the routes of the whole network and then directly trigger a suspicious alarm if the link has not been seen before. However, these naive approaches will cause false positive identification and introduce unnecessary verification overhead. In this work, we propose Metis, a matching-And-prediction system to filter out normal unseen links. We first use a matching method with three rules to find out suspicious links if there is an unseen AS. Otherwise, we propose using a neural network to make a prediction based on the AS information at each end of the link and further quantify the suspicion level. Our large-scale simulation results show that Metis can achieve precision and recall of over 80% for detecting fake AS-PATHs. Moreover, our deployment experiences show that compared to state-of-the-art system, Metis can save 80% overhead.

KW - BGP anomaly

KW - Link prediction

KW - Prefix hijack detection

UR - https://www.scopus.com/pages/publications/85172022689

U2 - 10.1109/ISCC58397.2023.10218104

DO - 10.1109/ISCC58397.2023.10218104

M3 - Conference Contribution (Conference Proceeding)

AN - SCOPUS:85172022689

SN - 9798350300499

T3 - IEEE Symposium on Computers and Communications

SP - 656

EP - 662

BT - ISCC 2023 - 28th IEEE Symposium on Computers and Communications

PB - Institute of Electrical and Electronics Engineers (IEEE)

Y2 - 9 July 2023 through 12 July 2023

ER -

Zhang C, Miao C, An C, Hong A, Wang N, Wang Z et al. Metis: Detecting Fake AS-PATHs Based on Link Prediction. In ISCC 2023 - 28th IEEE Symposium on Computers and Communications: Computers and Communications for the Benefits of Humanity. Institute of Electrical and Electronics Engineers (IEEE). 2023. p. 656-662. ( IEEE Symposium on Computers and Communications). doi: 10.1109/ISCC58397.2023.10218104

Metis: Detecting Fake AS-PATHs Based on Link Prediction

Abstract

Publication series

Conference

Bibliographical note

Keywords

Access to Document

Handle.net

Other files and links

Fingerprint

Cite this