
Electronic data

  • anrw18-paper61-giotsas

    Accepted author manuscript, 655 KB, PDF document

    Available under license: CC BY-NC: Creative Commons Attribution-NonCommercial 4.0 International License

  • vgiotsas-anrw-2018-poster

    Other version, 822 KB, PDF document

    Available under license: CC BY-NC: Creative Commons Attribution-NonCommercial 4.0 International License


CommunityWatch: The Swiss-Army Knife of BGP Anomaly Detection

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN; Conference contribution/Paper; peer-review

Published
Publication date: 16/07/2018
Host publication: ANRW '18 Proceedings of the Applied Networking Research Workshop
Place of Publication: New York
Publisher: ACM
Pages: 24
Number of pages: 1
ISBN (print): 9781450355858
Original language: English
Event: Applied Network Research Conference - Montreal, Canada
Duration: 16/07/2018 → …
https://irtf.org/anrw/2018/

Conference

Conference: Applied Network Research Conference
Abbreviated title: ANRW
Country/Territory: Canada
City: Montreal
Period: 16/07/18 → …

Abstract

We present CommunityWatch, an open-source system that enables timely and accurate detection of BGP routing anomalies. CommunityWatch leverages meta-data encoded by AS operators on their advertised routes through the BGP Communities attribute. The BGP Communities values lack standardized semantics, offering the flexibility to attach a wide range of information, including AS relationships, location data, and route redistribution policies. Therefore, parsing and correlating Community values and their dynamics enables the detection and tracking of a variety of routing anomalies. We exhibit the efficacy of CommunityWatch through the detection of three different types of anomalies: infrastructure outages, route leaks, and traffic blackholing.