CommunityWatch: The Swiss-Army Knife of BGP Anomaly Detection

Giotsas, Vasileios (2018) CommunityWatch: The Swiss-Army Knife of BGP Anomaly Detection. In: ANRW '18 Proceedings of the Applied Networking Research Workshop. ACM, CAN, p. 24. ISBN 9781450355858

[img]
Preview
PDF (anrw18-paper61-giotsas)
anrw18_paper61_giotsas.pdf - Accepted Version
Available under License Creative Commons Attribution-NonCommercial.

Download (670kB)

Abstract

We present CommunityWatch, an open-source system that enables timely and accurate detection of BGP routing anomalies. CommunityWatch leverages meta-data encoded by AS operators on their advertised routes through the BGP Communities attribute. The BGP Communities values lack standardized semantics, offering the flexibility to attach a wide range of information, including AS relationships, location data, and route redistribution policies. Therefore, parsing and correlating Community values and their dynamics enables the detection and tracking of a variety of routing anomalies. We exhibit the efficacy of CommunityWatch through the detection of three different types of anomalies: infrastructure outages, route leaks, and traffic blackholing.

Item Type: Contribution in Book/Report/Proceedings
Departments: Faculty of Science and Technology > School of Computing & Communications
ID Code: 126607
Deposited By: ep_importer_pure
Deposited On: 30 Jul 2018 11:02
Refereed?: Yes
Published?: Published
Last Modified: 27 Feb 2020 05:57
URI: https://eprints.lancs.ac.uk/id/eprint/126607

Actions (login required)

View Item View Item