liu.seSearch for publications in DiVA
Change search
ReferencesLink to record
Permanent link

Direct link
PrefiSec: A Distributed Alliance Framework for Collaborative BGP Monitoring and Prefix-based Security
Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
2014 (English)In: Proc. ACM CCS Workshop on Information Sharing and Collaborative Security (ACM WISCS @CCS), ACM Digital Library, 2014, 3-12 p.Conference paper (Refereed)
Abstract [en]

This paper presents the design and data-driven overhead analysis of PrefiSec, a distributed framework that helps collaborating organizations to effectively maintain and share network information in the fight against miscreants. PrefiSec is a novel distributed IP-prefix-based solution, which maintains information about the activities associated with IP prefixes (blocks of IP addresses) and autonomous systems (AS). Within PrefiSec, we design and evaluate simple and scalable mechanisms and policies that allow participating entities to effectively share network information, which helps to protect against prefix/subprefix attacks, interception attacks, and a wide range of edge-based attacks, such as spamming, scanning, and botnet activities. Timely reporting of such information helps participants improve their security, keep their security footprints clean, and incentivizes participation. Public wide-area BGP-announcements, traceroutes, and simulations are used to estimate the overhead, scalability, and alert rates. Our results show that PrefiSec helps improve system security, and can scale to large systems.

Place, publisher, year, edition, pages
ACM Digital Library, 2014. 3-12 p.
Keyword [en]
BGP Monitoring; Prefix-based Security; Collaboration; Distributed Alliance Framework; Interception; Hijack
National Category
Computer Science
Identifiers
URN: urn:nbn:se:liu:diva-118733DOI: 10.1145/2663876.2663879ISBN: 978-1-4503-3151-7OAI: oai:DiVA.org:liu-118733DiVA: diva2:816594
Conference
Proc. ACM CCS Workshop on Information Sharing and Collaborative Security (ACM WISCS @CCS), Scottsdale, AZ, Nov. 2014.
Available from: 2015-06-03 Created: 2015-06-03 Last updated: 2015-06-18

Open Access in DiVA

No full text

Other links

Publisher's full text

Search in DiVA

By author/editor
Hiran, RahulCarlsson, NiklasShahmehri, Nahid
By organisation
Database and information techniquesFaculty of Science & Engineering
Computer Science

Search outside of DiVA

GoogleGoogle Scholar
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Altmetric score

Total: 48 hits
ReferencesLink to record
Permanent link

Direct link