Accurate real-time identification of malicious BGP hijacks
US10148690B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Dec 21, 2015 |
| Grant date | Dec 4, 2018 |
| Priority date | — |
| Expiry date | Sep 27, 2036 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1425
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A system and method for detecting malicious hijack events in real-time is provided. The method may include receiving routing data associated with a Border Gateway Protocol (BGP) event from at least one BGP router. The method may further include generating a hijack detection model using a machine learning technique, such as Positive Unlabeled learning. The machine learning technique may include at least one data input and a probability output; wherein, the data input couples to receive a set of historically confirmed BGP hijacking data and the routing data, while the probability output transmits a probability value for the malicious event which may be calculated based upon the data input. Finally, the method may include classifying the BGP event as a malicious event or a benign event using the BGP hijack model and correcting routing tables that have been corrupted by a malicious event.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.