Detecting Forged-Origin BGP Hijacks - A New System

Explore a cutting-edge system designed to detect forged-origin BGP hijacks in this 16-minute conference talk from NSDI '24. Delve into the world of Internet routing security as researchers from the University of Strasbourg, Internet Society, Georgia Tech, and UCLouvain present DFOH, a novel approach to quickly and consistently identify manipulated AS paths across the entire Internet. Learn about the challenges in detecting forged-origin hijacks, the limitations of current BGP anomaly detection methods, and the key features that make DFOH robust against real-world factors. Discover how this innovative system achieves a 90.9% detection rate within approximately 5 minutes while generating only about 17.5 suspicious cases daily, allowing operators to efficiently investigate and counteract potential threats to global routing integrity.