Abstract: Border Gateway Protocol (BGP) is utilized to send and receive data packets over the internet. Over the years, this protocol has suffered some massive hits caused by worms such as Nimda, Slammer and Code Red, by hardware failures, and/or by prefix hijacking, which obstructed services for many. However, identifying anomalous messages traversing BGP allows such attacks to be discovered in time. In this paper, a Machine Learning approach has been applied to identify such BGP messages. Principal Component Analysis was applied to reduce dimensionality up to 2 components, followed by the generation of Decision Tree, Random Forest, AdaBoost and GradientBoosting classifiers. After fine-tuning the parameters, the random forest classifier achieved an accuracy of 97.84%, and the decision tree classifier followed closely with an accuracy of 97.38%. The GradientBoosting classifier gave an accuracy of 95.41% and the AdaBoost classifier gave an accuracy of 94.43%.
Border Gateway Protocol (BGP) is a vital protocol on the internet for the transfer of data packets among Autonomous Systems (ASes). Security is a major concern for the transmission of BGP packets, which are often attacked by worms or hijacked by an attacker, resulting in requests entering black holes or loss of connection to particular sites. BGP anomalies can be reduced by analyzing BGP datasets. Since ASes communicate through messages, the anomalies can be reduced by identifying the corrupted BGP messages in the dataset. In this paper, BGP anomalies have been classified by applying Machine Learning (ML) algorithms. The dataset contains information about the sending and receiving time between ASes. The classifiers were used to predict the anomalies. Since the dataset had high dimensions, the dimensions were reduced using Linear Discriminant Analysis (LDA), and then Support Vector Machines (SVM), K-Nearest Neighbors (KNN), Linear Regression, Logistic Regression and Multi-Layer Perceptron (MLP) were used to classify the anomalies.