Future Internet (Apr 2024)

Median Absolute Deviation for BGP Anomaly Detection

  • Maria Andrea Romo-Chavero,
  • Jose Antonio Cantoral-Ceballos,
  • Jesus Arturo Pérez-Díaz,
  • Carlos Martinez-Cagnazzo

DOI
https://doi.org/10.3390/fi16050146
Journal volume & issue
Vol. 16, no. 5
p. 146

Abstract

Read online

The stability and reliability of the global Internet infrastructure heavily rely on the Border Gateway Protocol (BGP), a crucial protocol that facilitates the exchange of routing information among various Autonomous Systems, ensuring seamless connectivity worldwide. However, BGP inherently possesses a susceptibility to abnormal routing behaviors, potentially leading to significant connectivity disruptions. Despite extensive efforts, accurately detecting and effectively mitigating such abnormalities persist as tough challenges. To tackle these, this article proposes a novel statistical approach employing the median absolute deviation under certain constraints to proactively detect anomalies in BGP. By applying advanced analysis techniques, this research offers a robust method for the early detection of anomalies, such as Internet worms, configuration errors, and link failures. This innovative approach has been empirically validated, achieving an accuracy rate of 90% and a precision of 95% in identifying these disruptions. This high level of precision and accuracy not only confirms the effectiveness of the statistical method employed but also marks a significant step forward for enhancing the stability and reliability of the global Internet infrastructure.

Keywords