Understanding the impact of outsourcing mitigation against BGP prefix hijacking

Abstract

BGP prefix hijacking caused by a misconfiguration or malicious route announcements brings great trouble to today’s Internet. Outsourcing mitigation is a recently proposed automatic hijacking mitigation method. It mitigates hijacking incidents by attracting and redirecting the hijacked traffic to the origin AS so the deployment of the AS that performs the attracting and redirecting behaviors is important for improving the effectiveness of mitigation. However, traditional methods fail to guarantee mitigation effectiveness, i.e., simply selecting the neighbor AS of the origin AS to mitigate. Therefore, how to measure the mitigation effectiveness of different ASes and effectively select the mitigators are key issues of outsourcing mitigation.In this paper, to measure the mitigation effectiveness of ASes, (1) we use a new metric for evaluating the mitigation effectiveness, and propose a strategy called AS Reachability Influence Selection (ARS) for effectively selecting ASes with high mitigation effectiveness. (2) We conduct extensive analysis to deeply study different characteristics (e.g., AS type, degree, provider, region) that influence the mitigation effectiveness. As the results show, ARS can put ASes with high mitigation effectiveness in front. The results also show that ASes with many Tier-1 providers or high tier providers may achieve higher mitigation effectiveness than Tier-1 ASes.