
A hybrid OpenFlow with intelligent detection and prediction models for preventing BGP path hijack on SDN

  • R. Pradeepa
  • M. Pushpalatha
Methodologies and Application

Abstract

The Border Gateway Protocol (BGP) is a path vector protocol whose fundamental aim is to exchange routing information across the Internet, directing data between autonomous systems. The significant drawback of BGP is that it does not address security; path hijacking is one of the top-rated cyber hijacks. Existing methods such as sBGP, soBGP and PGBGP have focused more on detecting path hijacking than on preventing it. Hence, we propose an intelligent model to detect abnormal behavior of a network and to predict and prevent BGP path hijacking (DPPBGP) in software-defined networks. The main objective of our proposed model is to reduce detection time and the controller workload with SFlow-integrated OpenFlow. The three modules of our model are as follows: (1) We evaluate statistics based on the abnormal behavior of the network and use these statistical features in the cumulative sum (CUSUM) abnormal detection algorithm to detect abnormal behavior and flows proficiently and perfectly with less detection time. (2) An intelligent machine learning approach known as the Pattern Sequence Forecasting algorithm is used to forecast the behavior of the network. (3) After the detection or the forecast of abnormality, path hijack is prevented by killing the appropriate PID based on the SFlow analyzer. Simulation results show how large a network this model can handle accurately and effectively.
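To make module (1) concrete, here is a generic one-sided CUSUM detector as an added example; it is not the authors' algorithm or code. The choice of counter (route updates per sampling interval), the parameters `k` and `h`, and the sample values are assumptions constructed for illustration.

```python
from statistics import mean, pstdev

def cusum_alarms(samples, baseline_len, k=0.5, h=5.0):
    """Indices where the upward CUSUM statistic exceeds h.

    samples: per-interval counter values (assumed: route updates per interval)
    baseline_len: leading samples assumed to represent normal behaviour
    k: slack per sample, h: alarm threshold (both in baseline std deviations)
    """
    if baseline_len < 2 or baseline_len >= len(samples):
        raise ValueError("need at least 2 baseline samples and data after them")
    base = samples[:baseline_len]
    mu = mean(base)
    sigma = pstdev(base) or 1.0        # flat baseline: avoid division by zero
    s, alarms = 0.0, []
    for i in range(baseline_len, len(samples)):
        z = (samples[i] - mu) / sigma  # standardised deviation from baseline
        s = max(0.0, s + z - k)        # accumulate only sustained excess
        if s > h:
            alarms.append(i)
            s = 0.0                    # restart accumulation after an alarm
    return alarms

def spike_alarms(samples, baseline_len, z_limit=3.0):
    """Per-sample threshold detector, shown only for comparison."""
    base = samples[:baseline_len]
    mu, sigma = mean(base), pstdev(base) or 1.0
    return [i for i in range(baseline_len, len(samples))
            if (samples[i] - mu) / sigma > z_limit]

# Constructed data: 10 normal intervals, then a small sustained rise.
BASELINE = [20, 22, 19, 21, 20, 23, 18, 21, 20, 22]
DRIFT = BASELINE + [21, 20, 23, 23, 24, 23, 24, 23, 21, 20]
QUIET = BASELINE + BASELINE

if __name__ == "__main__":
    print("CUSUM alarms on drift:", cusum_alarms(DRIFT, 10))
    print("3-sigma alarms on drift:", spike_alarms(DRIFT, 10))
    print("CUSUM alarms on quiet data:", cusum_alarms(QUIET, 10))
```

No single interval in the drifting series exceeds three standard deviations, so the per-sample threshold stays silent while the accumulated excess trips the CUSUM alarm.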

Keywords

BGP; SDN; Inter-domain routing; Autonomous systems; CUSUM; Machine learning; Pattern Sequence Forecast; Network security

Notes

Compliance with ethical standards

Conflict of interest

The authors declare that they have no conflict of interest.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Informed consent

Informed consent was obtained from all individual participants included in the study.


Copyright information

© Springer-Verlag GmbH Germany, part of Springer Nature 2019

Authors and Affiliations

  1. Department of Computer Science and Engineering, SRM University, Kattankulathur, India
