0

I have to analyze a set of BGP update files using Python and pybgpstream with a given routing table file. My task is to analyze these update files regarding prefix hijacking events. As far as I know, analyzing these files means looking for all ASes that advertise prefixes that do not belong to them and listing those events.

My current code just allows me to go through the directory and check all update files for prefixes and AS paths. Since I do not know how to use the routing table file (ground truth) in pybgpstream, I cannot go any further into analyzing the prefix ownership.

Does anybody have an idea how to check whether a prefix belongs to a specified AS?

  • 1
    Please clarify your specific problem or provide additional details to highlight exactly what you need. As it's currently written, it's hard to tell exactly what you're asking. – Community Feb 14 '22 at 17:04

2 Answers

0

As I am also currently working on that, I will leave you with two interesting papers that, for me, make up the state of the art in terms of BGP hijack detection tools, which may be helpful for people interested in this topic:

xhluca
-1

Think about which part of the AS path is called the origin. Quick research results:

The last AS along the path to the prefix is considered to be the origin AS [https://www.cs.colostate.edu/~massey/pubs/conf/massey_imw01.pdf]

Little hint: try to use scientific search engines in addition to Google ;)

  • 1
    Your answer could be improved with additional supporting information. Please [edit] to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community Feb 20 '22 at 18:17
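
The origin rule quoted in the answer above, turned into an ownership check; this is an added example, not code from the question or either answer. The routing table and update entries are constructed samples and the function names are hypothetical; with pybgpstream the same strings would come from `elem.fields["prefix"]` and `elem.fields["as-path"]`.

```python
import ipaddress

# Constructed ground truth: (prefix, AS path) pairs as found in a routing table dump.
RIB = [
    ("192.0.2.0/24", "64500 64501 64510"),
    ("198.51.100.0/24", "64500 64520"),
    ("2001:db8::/32", "64500 64530"),
]
# Constructed announcements as found in the update files.
UPDATES = [
    ("192.0.2.0/24", "64502 64501 64510"),     # same origin as ground truth
    ("198.51.100.0/24", "64502 64666"),        # same prefix, different origin
    ("192.0.2.128/25", "64503 64666"),         # more-specific of a known prefix
    ("203.0.113.0/24", "64502 64540"),         # prefix absent from ground truth
    ("2001:db8:1::/48", "64500 64530 64530"),  # prepending, origin unchanged
]

def origin_as(as_path):
    """Origin AS = last AS on the path; None for an empty path or AS_SET origin."""
    hops = as_path.split()
    if not hops or hops[-1].startswith("{"):
        return None
    return int(hops[-1])

def build_ownership(rib):
    """Map each ground-truth prefix to the set of origin ASes seen for it."""
    owners = {}
    for prefix, path in rib:
        origin = origin_as(path)
        if origin is not None:
            owners.setdefault(ipaddress.ip_network(prefix), set()).add(origin)
    return owners

def covering_prefix(net, owners):
    """Longest ground-truth prefix that equals or contains net, or None."""
    covers = [p for p in owners if p.version == net.version and net.subnet_of(p)]
    return max(covers, key=lambda p: p.prefixlen, default=None)

def find_suspects(updates, owners):
    """Return (prefix, origin, kind, expected origins) for each mismatching update."""
    events = []
    for prefix, path in updates:
        net, origin = ipaddress.ip_network(prefix), origin_as(path)
        cover = covering_prefix(net, owners)
        if origin is None or cover is None:
            continue  # no usable origin or no ground truth to compare against
        if origin not in owners[cover]:
            kind = "origin-mismatch" if cover == net else "sub-prefix"
            events.append((prefix, origin, kind, sorted(owners[cover])))
    return events
```

A mismatch is a candidate event rather than proof of a hijack, since a prefix can legitimately have more than one origin AS (multihoming, anycast).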