The Border Gateway Protocol (BGP) is globally used by Autonomous Systems(ASes) to establish route paths for IP prefixes in the Internet. Due to thelack of authentication in BGP, an AS can hijack IP prefixes owned by other ASes(i.e., announce illegitimate route paths), impacting thus the Internet routingsystem and economy. To this end, a number of hijacking detection systems havebeen proposed. However, existing systems are usually third party services that-inherently- introduce a significant delay between the hijacking detection (bythe service) and its mitigation (by the network administrators). To overcomethis shortcoming, in this paper, we propose ARTEMIS, a tool that enables an ASto timely detect hijacks on its own prefixes, and automatically proceed tomitigation actions. To evaluate the performance of ARTEMIS, we conduct realhijacking experiments. To our best knowledge, it is the first time that ahijacking detection/mitigation system is evaluated through extensiveexperiments in the real Internet. Our results (a) show that ARTEMIS can detect(mitigate) a hijack within a few seconds (minutes) after it has been launched,and (b) demonstrate the efficiency of the different control-plane sources usedby ARTEMIS, towards monitoring routing changes.
展开▼