NPS logo Naval Postgraduate School
Dudley Knox Library
        View Item 
        •   Calhoun Home
        • Theses and Dissertations
        • 1. Thesis and Dissertation Collection, all items
        • View Item
        •   Calhoun Home
        • Theses and Dissertations
        • 1. Thesis and Dissertation Collection, all items
        • View Item
        • How to search in Calhoun
        • My Accounts
        • Ask a Librarian
        JavaScript is disabled for your browser. Some features of this site may not work without it.

        Browse

        All of CalhounCollectionsThis Collection

        My Account

        LoginRegister

        Statistics

        Most Popular ItemsStatistics by CountryMost Popular Authors

        CHARACTERIZING BGP COMMUNITY IRREGULARITIES TOWARD AN ANOMALY DETECTION ENGINE

        Thumbnail
        Download
        Icon19Dec_Hardt_Alexander.pdf (1.284Mb)
        Download Record
        Download to EndNote/RefMan (RIS)
        Download to BibTex
        Author
        Hardt, Alexander
        Date
        2019
        Advisor
        Beverly, Robert
        Second Reader
        Smaragdakis, Georgios, Technical University (TU) Berlin
        Metadata
        Show full item record
        Abstract
        Prior work has demonstrated ways in which to attack the Border Gateway Protocol (BGP) system as well as vulnerabilities of the BGP and its configuration. Furthermore, BGP attacks, such as hijacking, are common in the wild, whether due to accidental misconfiguration or malintent. Recent work demonstrates the feasibility and potential for new BGP attacks based on the BGP community attribute (rerouting and blackholing). Very recently, there have been BGP attacks using BGP communities in the wild. The major issues with BGP communities (among others) are that there is no cryptographic protection, attribution is very difficult, and they are used both for signaling and triggering actions. These issues present opportunities for misconfiguration and, more concerningly, abuse. Not only have BGP communities been shown to potentially allow a third party to trigger remote blackholing, false BGP community announcements can be used to re-route traffic to include a hop controlled by an attacker. This re-routing allows an attacker to potentially examine traffic on its way to its intended destination. Despite this rich body of prior work, no one has analyzed the use and misuse of BGP communities over time. In this thesis, we characterize BGP community use and behavior over the course of a year to investigate the possibility of building a BGP community anomaly detector.
        Rights
        Copyright is reserved by the copyright owner.
        URI
        http://hdl.handle.net/10945/64179
        Collections
        • 1. Thesis and Dissertation Collection, all items

        Feedback

        411 Dyer Rd. Bldg. 339
        Monterey, CA 93943

         

        circdesk@nps.edu
        (831) 656-2947
        DSN 756-2947

        Start Your Research

        • Research Guides
        • How to Cite
        • Search Basics
        • Ask a Librarian
        • Library Liaisons
        • Graduate Writing Center
        • Thesis Processing Office
        • Statistics, Maps & More
        • Copyright at NPS

        Find & Download

        • Databases List
        • Articles, Books & More
        • NPS Theses
        • NPS Faculty Publications: Calhoun
        • Journal Titles
        • Course Reserves

        Use the Library

        • My Accounts
        • Request Article or Book
        • Borrow, Renew, Return
        • Remote Access
        • Workshops & Tours
        • For Faculty & Researchers
        • For International Students
        • For Alumni
        • Print, Copy, Scan, Fax
        • Rooms & Study Spaces
        • Floor Map
        • Computers & Software
        • Adapters, Lockers & More

        Collections

        • NPS Archive: Calhoun
        • Restricted Resources
        • Special Collections & Archives
        • Federal Depository
        • Homeland Security Digital Library

        About

        • Hours
        • Library Staff
        • About Us
        • Visit Us

        NPS-Licensed Resources - Terms & Conditions

        Copyright Notice

         
         

          Federal Depository Library  

        NPS Home Privacy Policy Copyright Accessibility Contact Webmaster

        Export search results

        The export option will allow you to export the current search results of the entered query to a file. Different formats are available for download. To export the items, click on the button corresponding with the preferred download format.

        A logged-in user can export up to 15000 items. If you're not logged in, you can export no more than 500 items.

        To select a subset of the search results, click "Selective Export" button and make a selection of the items you want to export. The amount of items that can be exported at once is similarly restricted as the full export.

        After making a selection, click one of the export format buttons. The amount of items that will be exported is indicated in the bubble next to export format.

        Export citations

        Export the current results of the search query as a citation list. Select one of the available citation styles, or add a new one using the "Citations format" option present in the "My account" section.

        The list of citations that can be exported is limited to items.

        Export citations

        Export the current item as a citation. Select one of the available citation styles, or add a new one using the "Citations format" option present in the "My account" section.

        Export Citations