BGP prefix hijacking is a critical threat to the resilience and security of communications in the Internet. While several mechanisms have been proposed to prevent, detect or mitigate hijacking events, it has not been studied how to accurately quantify the impact of an ongoing hijack. When detecting a hijack, existing methods do not estimate how many networks in the Internet are affected (before and/or after its mitigation). In this paper, we study fundamental and practical aspects of the problem of estimating the impact of an ongoing hijack through network measurements. We derive analytical results for the involved trade-offs and limits, and investigate the performance of different measurement approaches (control/data-plane measurements) and use of public measurement infrastructure. Our findings provide useful insights for the design of accurate hijack impact estimation methodologies. Based on these insights, we design (i) a lightweight and practical estimation methodology that employs ping measurements, and (ii) an estimator that employs public infrastructure measurements and eliminates correlations between them to improve the accuracy. We validate the proposed methodologies and findings against results from hijacking experiments we conduct in the real Internet.