Detecting Internet-Scale Traffic Redirection Attacks using Latent Class Models
; de Oliveira, M.R.O
; Pacheco, A.
Detecting Internet-Scale Traffic Redirection Attacks using Latent Class Models, Proc 14th international conference on Information Assurance and Security IAS'2018, Porto, Portugal, Vol. , pp. - , December, 2018.
Digital Object Identifier:
Traffic redirection attacks based on BGP route hijacking has
been an increasing concern in Internet security worldwide. This paper
addresses the statistical detection of traffic redirection attacks based on
the RTT data collected by a network of probes spread all around the
world. Specifically, we use a Latent Class Model to combine the decisions
of individual probes on whether an Internet site is being attacked,
and use supervised learning methods to perform the probe decisions. We
evaluate the methods in a large number of scenarios, and compare them
with an empirically adjusted heuristic. Our method achieves very good
performance, superior to the heuristic one. Moreover, we provide a comprehensive
analysis of the merits of the Latent Class Model approach.