Science & Technology

Channels: Science & Technology | Financial Markets | Artificial Intelligence | Blockchain


MIT CSAIL's AI detects possible IP address hijacking

[2019.10.09, Wed 04:05] The work informed a set of metrics to which the team applied an AI algorithm to evaluate their accuracy in identifying hijackers' patterns. "Our findings have thus relevance for the operator community, since they can potentially [allow] for preventive defense. Our findings are also of relevance to the broader research community, since they provide viable input for new hijacking detection systems, as well as for the development of reputation metrics and scoring systems." During a typical BGP hijack, a malicious actor fools nearby networks into routing data through a compromised system to specific IP addresses. Hijackers' blocks usually disappear faster than those of legitimate networks, the model found, and malicious networks tend to advertise many more blocks of IP addresses. Network operators use BGP to defend against distributed denial-of-service attacks by modifying the route, which looks virtually identical to an actual hijack. They say it managed to identify about 800 suspicious networks in all, including some that had been hijacking IP addresses for years. "Network operators normally have to handle such incidents reactively and on a case-by-case basis, making it easy for cybercriminals to continue to thrive It's like a game of Telephone, where you know who your nearest neighbor is, but you don't know the neighbors 5 or 10 nodes away," said MIT graduate student and lead author Cecilia Testart, who leaves to future work models that require less human supervision and that could be deployed in production environments.
Read on VentureBeat.com >   Google the news >>

<< Back


(c) 2019 Geo Glance