Accepted author manuscript, 655 KB, PDF document
Available under license: CC BY-NC: Creative Commons Attribution-NonCommercial 4.0 International License
Other version, 822 KB, PDF document
Available under license: CC BY-NC: Creative Commons Attribution-NonCommercial 4.0 International License
Final published version
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
}
TY - GEN
T1 - CommunityWatch: The Swiss-Army Knife of BGP Anomaly Detection
AU - Giotsas, Vasileios
PY - 2018/7/16
Y1 - 2018/7/16
N2 - We present CommunityWatch, an open-source system that enables timely and accurate detection of BGP routing anomalies. CommunityWatch leverages meta-data encoded by AS operators on their advertised routes through the BGP Communities attribute. The BGP Communities values lack standardized semantics, offering the flexibility to attach a wide range of information, including AS relationships, location data, and route redistribution policies. Therefore, parsing and correlating Community values and their dynamics enables the detection and tracking of a variety of routing anomalies. We exhibit the efficacy of CommunityWatch through the detection of three different types of anomalies: infrastructure outages, route leaks, and traffic blackholing.
AB - We present CommunityWatch, an open-source system that enables timely and accurate detection of BGP routing anomalies. CommunityWatch leverages meta-data encoded by AS operators on their advertised routes through the BGP Communities attribute. The BGP Communities values lack standardized semantics, offering the flexibility to attach a wide range of information, including AS relationships, location data, and route redistribution policies. Therefore, parsing and correlating Community values and their dynamics enables the detection and tracking of a variety of routing anomalies. We exhibit the efficacy of CommunityWatch through the detection of three different types of anomalies: infrastructure outages, route leaks, and traffic blackholing.
U2 - 10.1145/3232755.3232858
DO - 10.1145/3232755.3232858
M3 - Conference contribution/Paper
SN - 9781450355858
SP - 24
BT - ANRW '18 Proceedings of the Applied Networking Research Workshop
PB - ACM
CY - New York
T2 - Applied Network Research Conference
Y2 - 16 July 2018
ER -