NORMA eResearch @NCI Library

Detecting Border gateway protocol (BGP) connectivity monitoring using machine learning and using security configurations

Killedar, Jasmine (2021) Detecting Border gateway protocol (BGP) connectivity monitoring using machine learning and using security configurations. Masters thesis, Dublin, National College of Ireland.


Abstract

Border Gateway Protocol (BGP) is the inter-domain routing protocol, first described in 1989; the current version of BGP is version 4, which was published in 2006. Because of its destination-based routing, it is unable to select a precise end-to-end AS-level route. BGP still has ongoing security issues such as IP prefix hijacking attacks, DDoS attacks, man-in-the-middle attacks, sniffing, routing to end points in malicious networks, and creation of route instabilities, and this is the only protocol that is connected to the internet.

This article proposes a technique for monitoring the connectivity of suspected autonomous systems obtained via a software tracing IP prefix hijacking signature, which uses an anomaly detection method. I have also configured the devices using security commands which prevent any malicious attacker from hijacking the device. The approach uses a comprehensive cross-validation test to examine its correctness.

The random forest method is used to deal with hijacking of IP prefixes. The primary characteristics are derived from the autonomous system path properties of autonomous systems that are possibly suspicious. The characteristics are a combination of the behavioural aspects of router connection

BGP in turn uses Transmission Control Protocol (TCP) to establish the connection. There are many security flaws in the TCP standard, such as its reliance on the IP source address for authentication and minimal or no authentication in network control mechanisms (for example routing protocols, congestion control, flow control and ICMP messages), as well as additional flaws in some of its implementations. These flaws might allow an intruder to “attack” TCP-based systems, allowing him or her to “hijack” a TCP connection or deny legitimate users service.

Item Type: Thesis (Masters)
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Q Science > Q Science (General) > Self-organizing systems. Conscious automata > Machine learning
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Tamara Malone
Date Deposited: 19 Dec 2022 17:40
Last Modified: 07 Mar 2023 17:02
URI: https://norma.ncirl.ie/id/eprint/6015
