|
Description:
|
Border Gateway Protocol (BGP ) prefix hijacking is a serious problem in the Internet today . Although there are several services being offered to detect a prefix hijack , there has been little work done to prevent a hijack or to continue providing network service during a prefix hijack attack . This thesis proposes a novel framework to provide defense against prefix hijacking which can be offered as a service by Content Distribution Networks and large Internet Service Providers . Our experiments revealed that the hijack success rate reduced from 90 .36 % to 30 .53 % at Tier 2 , 84 .65 % to 10 .98 % at Tier 3 and 82 .45 % to 8 .39 % at Tier 4 using Autonomous Systems (ASs ) of Akamai as Hijack Prevention Service Provider . We also observed that 70 % of the data captured by Hijack Prevention Service Provider (HPSP ) can be routed back to Victim . However if we use tunneling , i .e . trying to route data to neighbors of Victims which in turn sends the traffic to Victims , we observed that data can be routed to Victim 98 .09 % of the time . Also , the cost of such redirection is minimal , since the average increase in path length was observed to be 2 .07 AS hops . |