Abstract
The Internet uses Border Gateway Protocol (BGP) for exchange of routes and reachability information between Autonomous Systems (AS). Hence, BGP is subject to anomalous traffic that can cause problems with connectivity and traffic loss. Routing Table Leak (RTL), worm and power outage events are considered anomalous in the sense that they can disrupt the Internet routing and cause slowdowns of varying severity, which leads to packet delivery reliability issues. Deep learning, a subfield of machine learning, could be applied in detection of BGP anomalies. Studying RTL, worm, and power outage events are of interest to network operators and researchers alike. In this paper, we consider datasets of several events, all of which caused large-scale Internet outages. We use artificial neural network (ANN) models based on a backpropagation algorithm for anomalous event classification.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Rekhter, Y., Li, T., Hares, S.: A Border Gateway Protocol 4 (BGP-4). http://ietf.org/rfc/rfc4271 (2006). Accessed 20 June 2017
Manderson, T.: Multi-threaded routing toolkit (MRT) border gateway protocol (BGP) routing information export format with geo-location extensions. rfc6397.txt (2011). Accessed 20 November 2017
RIPE RIS raw data. http://www.ripe.net/data-tools/stats/ris/ris-raw-data
Ćosović, M., Obradović, S., Trajković, Lj.: Performance evaluation of BGP anomaly classifiers. In: Proceedings of the International Conference on Digital Information, Networking and Wireless Communication, pp. 115–120 (2015)
Cosovic, M., Obradovic, S., Trajkovic, L.J.: Classifying anomalous events in BGP datasets. In: Proceedings of the 29th Annual IEEE Canadian Conference on Electrical and Computer Engineering (CCECE 2016), pp. 697–700 (2016)
Cosovic, M., Obradovic, S.: Ensemble methods for classifying BGP anomalies. Ind. Technol. 4(1), 12–20 (2017)
Ćosović, M., Obradović, S., Junuz, E.: Deep learning for detection of BGP anomalies. In: Proceedings of International Work-Conference on Time Series (ITISE 2017), pp. 487–498 (2017)
Deng, L., Yu, D.: Deep learning: methods and applications. Found. Trends Signal Process. 7(3–4), 197–387 (2014)
Dau, H.A., Ciesielski, V., Song, A.: Anomaly detection using replicator neural networks trained on examples of one class. In: Proceedings of the 10th International Conference on Simulated Evolution and Learning, pp. 311–322 (2014)
Jadidi, Z., Muthukkumarasamy, V., Sithirasenan, E., Sheikhan, M.: Flow-based anomaly detection using neural network optimized with GSA algorithm. In: Proceedings of the 33rd IEEE International Conference on Distributed Computing Systems Workshops (ICDCSW’13), pp. 76–81 (2013)
Bishop, C.M.: Pattern Recognition and Machine Learning. Information Science and Statistics. Springer-Verlag New York Inc., Secaucus, NJ, USA (2006)
Popescu, A.C., Premore, B.J., Underwood, T.: Anatomy of a Leak: AS9121. https://www.nanog.org/meeting-archives/nanog34/presentations/underwood.pdf (2005). Accessed 20 November 2017
AWS Route Leak-North American Network Operators Group Mailing List. https://mailman.nanog.org/pipermail/nanog/2016-April/085410.html (2016). Accessed 20 June 2016
Telecom Malaysia AS4788 Route Leak-North American Network Operators Group Mailing List. https://mailman.nanog.org/pipermail/nanog/2015-June/076187.html (2015). Accessed 20 June 2016
Indosat Routing Table Leak-North American Network Operators Group Mailing List. https://mailman.nanog.org/pipermail/nanog/2014-April/065920.html (2014). Accessed 20 June 2016
Moore, D., Paxson, V., Savage, S., Shannon, C., Staniford, S., Weaver, N.: Inside the Slammer Worm. IEEE Secur. Priv. 1(4), 33–39 (2003)
Schauer, R.C.: The mechanisms and effects of the Code Red worm. https://www.sans.org/reading-room/whitepapers/dlp/mechanisms-effects-code-red-worm-87 (2001). Accessed 20 November 2017
Moscow Power Blackout-North American Network Operators Group Mailing List. https://www.nanog.org/mailinglist/mailarchives/old_archive/2005-05/msg00650.html (2005). Accessed 20 June 2016
Levenshtein, V.I.: Binary codes capable of correcting deletions, insertions and reversals. Doklady Akademii Nauk SSSR 163(4), 845–848 (1965)
LeCun, Y., Bottou, L., Orr, G.B., Müller, K.-R.: Effiicient BackProp. In: Montavon, G., Orr, G.B., Müller, K.-R. (eds.) Neural Networks: Tricks of the Trade. LNCS, vol. 7700, pp. 9–48. Springer-Verlag, London, UK (1998)
Sriram, K., Montgomery, D., McPherson, D., Osterweil, E., Dickson, B.: Problem Definition and Classification of BGP Route Leaks. https://www.rfc-editor.org/rfc/rfc7908.txt (2016)
Mahajan, R., Wetherall, D., Anderson, T.: Understanding BGP misconfiguration. In: Proceedings of the Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications (SIGCOMM’02), pp. 3–16 (2002)
Chollet, F.: Keras. https://github.com/fchollet/keras (2016)
Nair, V., Hinton, G.E.: Rectified linear units improve restricted Boltzmann machines. In: Proceedings of 27th International Conference on Machine Learning, pp. 807–814 (2010). Accessed 20 November 2017
Davis, J., Goadrich, M.: The relationship between precision-recall and ROC curves. In: Proceedings of 23rd International Conference on Machine Learning, pp. 233–240 (2006). Accessed 20 November 2017
Ćosović, M., Obradović, S.: BGP anomaly detection with balanced datasets. Tehnički vjesnik/Technical Gazette 25(3) (2018)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Cosovic, M., Obradovic, S., Junuz, E. (2018). Deep Learning for Detection of BGP Anomalies. In: Rojas, I., Pomares, H., Valenzuela, O. (eds) Time Series Analysis and Forecasting. ITISE 2017. Contributions to Statistics. Springer, Cham. https://doi.org/10.1007/978-3-319-96944-2_7
Download citation
DOI: https://doi.org/10.1007/978-3-319-96944-2_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-96943-5
Online ISBN: 978-3-319-96944-2
eBook Packages: Mathematics and StatisticsMathematics and Statistics (R0)