A Framework for BGP Abnormal Events Detection

Anisa Allahdadi, Ricardo Morla, Rui Prior

Detection of abnormal BGP events is of great importance to preserve the security and robustness of the Internet inter-domain routing system. In this paper, we propose an anomaly detection framework based on machine learning techniques to identify the anomalous events by training a model for normal BGP-updates and measuring the extent of deviation from the normal model during the abnormal occasions. Our preliminary results show that the features generated and selected are capable of improving the classification results to distinguish between anomalies and normal BGP update messages. Furthermore, the clustering results demonstrate the effectiveness of formed models to detect the similar types of BGP anomalies. In a more general context, an interdisciplinary research is performed between network security and data mining to deal with real-world problems and the achieved results are promising.

Knowledge Graph



Sign up or login to leave a comment