View article

Border gateway protocol (BGP) prefix hijacking is a critical threat to Internet organizations and users. Despite the availability of several defense approaches (ranging from RPKI to popular third-party services), none of them solves the problem adequately in practice. In fact, they suffer from: (i) lack of detection comprehensiveness, allowing sophisticated attackers to evade detection; (ii) limited accuracy, especially in the case of third-party detection; (iii) delayed verification and mitigation of incidents, reaching up to days; and (iv) lack of privacy and of flexibility in post-hijack counteractions, on the side of network operators. In this paper, we propose ARTEMIS, a defense approach (a) based on accurate and fast detection operated by the autonomous system itself, leveraging the pervasiveness of publicly available BGP monitoring services and their recent shift towards real-time streaming and thus (b) enabling flexible and …