Browse > Article
http://dx.doi.org/10.6109/jkiice.2022.26.10.1525

Current Status and Challenges of BGP Hijacking Security Threat  

Han, Wooyoung (Undergraduate Student, Web Programming, Korea Digital Media High School)
Hong, Yunseok (Undergraduate Student, Goyang-il High School)
Publication Information
Journal of the Korea Institute of Information and Communication Engineering / v.26, no.10, 2022 , pp. 1525-1530 More about this Journal
Abstract
BGP(Border Gateway Protocol) is a routing protocol that is actively used in inter-AS routing on the Internet. However, BGP routing protocol is vulnerable to BGP hijacking attacks that hijack the network by impersonating normal BGP sessions. BGP Hijacking attacks can lead to causing intercept IP traffic or interference with the normal service operation. Recently, BGP hijacking attacks, which have often occurred overseas, have also occurred in Korea. It means threatening the security of the Internet. In this paper, we analyze the overall process of attack through representative attack cases and virtual scenarios of BGP hijacking and based on the results of analyzing the application status of security technology to prevent BGP hijacking attacks by Korea and global major ISPs. It covers the technical proposal of ISPs and autonomous system operators should take to defend against BGP hijacking attacks.
Keywords
BGP; BGP Hijacking; RPKI; BGPsec;
Citations & Related Records
연도 인용수 순위
  • Reference
1 S. Cho, R. Fontugne, K. Cho, A. Dainotti, and P. Gill, "BGP hijacking classification," in Proceedings of 2019 Network Traffic Measurement and Analysis Conference, Paris, France, pp. 25-32, 2019.
2 Cloudflare.RPKI Portal [Internet]. Available: https://rpki.cloudflare.com.
3 Anapaya. SCiON-The New Way to Connect [Internet]. Available:https://www.anapaya.net/scion-the-new-way-to-connect.
4 L. Yujing, L. Yuan, B. Zhang, and S. Jinshu, "Research on AS path betweenness based filtering policy against BGP prefix hijacking," in Proceedings of The 2nd International Conference on Information Science and Engineering, Hangzhou, China, pp. 4659-4662, 2010.
5 Qrator Lab. Radar by Qrator [Internet]. Available: https://radar.qrator.net.
6 NIST. RPKI Monitor Analysis Data [Internet]. Available: https://rpki-monitor.antd.nist.gov.
7 M. Apostolaki, A. Zohar, and L. Vanbever, "Hijacking Bitcoin: Routing Attacks on Cryptocurrencies," in Proceedings of 2017 IEEE Symposium on Security and Privacy, California: CA, USA, pp. 375-392, 2017.
8 M. Lepinski and S. Kent. (2012, February). An Infrastructure to Support Secure Internet Routing, RFC 6480 [Online]. Available: https://datatracker.ietf.org/doc/rfc6480/.
9 S2W TALON with eyez. Post Mortem of KlaySwap Incident through BGP Hijacking [Internet]. Available: https://medium.com/s2wblog/post-mortem-of-klayswap-inc ident-through-bgp-hijacking-898f26727d66.
10 M. Lepinski and K. Sriram. (2017, September). BGPsec Protocol Specification, RFC 8205 [Online]. Available: https://datatracker.ietf.org/doc/rfc8205/.
11 Ministry of Science and ICT Korea. 211029 KT Network Issue Detail Report [Internet]. Available: https://www.msit.go.kr/bbs/view.do?sCode=user&mPid=112&mId=113&bbs SeqNo=94&nttSeqNo=3180886.
12 RIPE. Routing Information Service (RIS) [Internet]. Available: https://ris-live.ripe.net.