Uncovering BGP Action Communities and Community Squatters in the Wild
Authors: 
Brivaldo Alves da Silva, Jr., Adriano Bastos de Carvalho, Italo Cunha, Timur Friedman, Ethan Katz-Bassett, Ronaldo Alves FerreiraAuthors Info & Claims
Brivaldo Alves da Silva, Jr., Adriano Bastos de Carvalho, Italo Cunha, Timur Friedman, Ethan Katz-Bassett, Ronaldo Alves FerreiraAuthors Info & ClaimsArticle No.: 49, Pages 1 - 23
Abstract
The Border Gateway Protocol (BGP) offers several "knobs" to control routing decisions, but they are coarse-grained and only affect routes received from neighboring Autonomous Systems (AS). To enhance policy expressiveness, BGP was extended with the communities attribute, allowing an AS to attach metadata to routes and influence the routing decisions of a remote AS. The metadata can carry information to (e.g., where a route was received) or request an action from a remote AS (e.g., not to export a route to one of its neighbors). Unfortunately, the semantics of BGP communities are not standardized, lack universal rules, and are poorly documented. In this work, we design and evaluate algorithms to automatically uncover BGP action communities and ASes that violate standard practices by consistently using the information communities of other ASes, revealing undocumented relationships between them (e.g., siblings). Our experimental evaluation with billions of route announcements from public BGP route collectors from 2018 to 2023 uncovers previously unknown AS relationships and shows that our algorithm for identifying action communities achieves average precision and recall of 92.5% and 86.5%, respectively.
References
[1]
AMX-IX. 2023. AMS-IX Route Servers.
[2]
Ruwaifa Anwar, Haseeb Niaz, David Choffnes, Ítalo Cunha, Phillipa Gill, and Ethan Katz-Bassett. 2015. Investigating Interdomain Routing Policies in the Wild. In Proceedings of the 2015 Internet Measurement Conference. ACM, Tokyo, Japan, 71--77. https://doi.org/10.1145/2815675.2815712
[3]
Augusto Arturi, Esteban Carisimo, and Fabián E Bustamante. 2023. as2org: Enriching AS-to-Organization Mappings with PeeringDB. In International Conference on Passive and Active Network Measurement. Springer, Springer, Springer Nature Switzerland, 400--428.
[4]
Henry Birge-Lee, Maria Apostolaki, and Jennifer Rexford. 2024. Global BGP Attacks that Evade Route Monitoring. arxiv: 2408.09622 [cs.CR] https://arxiv.org/abs/2408.09622
[5]
Henry Birge-Lee, Liang Wang, Jennifer Rexford, and Prateek Mittal. 2019. SICO: Surgical Interception Attacks by Manipulating BGP Communities. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security (CCS '19). ACM Press, London, United Kingdom, 431--448. https://doi.org/10.1145/3319535.3363197
[6]
Business Wire. 2019. GTT Completes Acquisition of KPN International. https://www.businesswire.com/news/home/20191202005214/en/GTT-Completes-Acquisition-of-KPN-International.
[7]
CAIDA. 2022. The CAIDA AS Relationships Dataset, 2022--12-01. https://www.caida.org/catalog/datasets/as-relationships/.
[8]
Zhiyi Chen, Zachary S Bischof, Cecilia Testart, and Alberto Dainotti. 2023. Improving the Inference of Sibling Autonomous Systems. In International Conference on Passive and Active Network Measurement. Springer, Springer, Springer Nature Switzerland, 345--372.
[9]
Davide Chicco and Giuseppe Jurman. 2020. The Advantages of the Matthews Correlation Coefficient (MCC) over F1 Score and Accuracy in Binary Classification Evaluation. BMC genomics, Vol. 21 (2020), 1--13.
[10]
Davide Chicco, Niklas Tötsch, and Giuseppe Jurman. 2021. The Matthews Correlation Coefficient (MCC) is More Reliable than Balanced Accuracy, Bookmaker Informedness, and Markedness in Two-Class Confusion Matrix Evaluation. BioData mining, Vol. 14 (2021), 1--22.
[11]
Harald Cramér. 1999. Mathematical Methods of Statistics. Vol. 26. Princeton University Press, 41 William St, Princeton, NJ 08540.
[12]
Brivaldo A. da Silva Jr, Adriano B. de Carvalho, Ítalo Cunha, Timur Friedman, Ethan Katz-Bassett, and Ronaldo A. Ferreira. 2024. BGP Action Communities -- Supplemental Material. https://github.com/TopoMapping/bgp-action-communities
[13]
Benoit Donnet. 2009. Incentives for BGP Guided IP-Level Topology Discovery. In International Workshop on Traffic Monitoring and Analysis. Springer, Springer, Springer Berlin Heidelberg, 101--108.
[14]
Benoit Donnet and Olivier Bonaventure. 2008. On BGP Communities. ACM SIGCOMM Computer Communication Review, Vol. 38, 2 (2008), 55--59.
[15]
Jerome Durand, Ivan Pepelnjak, and Gert Döring. 2015. BGP7454: BGP Operations and Security. Technical Report. RFC 7454, February.
[16]
Anja Feldmann, Olaf Maennel, Z. Morley Mao, Arthur Berger, and Bruce Maggs. 2004. Locating Internet Routing Instabilities. In Proceedings of the 2004 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications (Portland, Oregon, USA) (SIGCOMM '04). ACM, New York, NY, USA, 205--218. https://doi.org/10.1145/1015467.1015491
[17]
Lixin Gao. 2001. On Inferring Autonomous System Relationships in the Internet. IEEE/ACM Transactions on Networking, Vol. 9, 6 (2001), 733--745. https://doi.org/10.1109/90.974527
[18]
Vasileios Giotsas, Christoph Dietzel, Georgios Smaragdakis, Anja Feldmann, Arthur Berger, and Emile Aben. 2017. Detecting Peering Infrastructure Outages in the Wild. In Proceedings of the Conference of the ACM Special Interest Group on Data Communication. ACM, New York, NY, USA, 446--459. https://doi.org/10.1145/3098822.3098855 event-place: Los Angeles, CA, USA.
[19]
Vasileios Giotsas, Thomas Koch, Elverton Fazzion, Ítalo Cunha, Matt Calder, Harsha V Madhyastha, and Ethan Katz-Bassett. 2020. Reduce, Reuse, Recycle: Repurposing Existing Measurements to Identify Stale Traceroutes. In Proceedings of the ACM Internet Measurement Conference (Virtual Event, USA) (IMC '20). ACM Press, New York, NY, USA, 247--265. https://doi.org/10.1145/3419394.3423654
[20]
Vasileios Giotsas, Matthew Luckie, Bradley Huffaker, and kc claffy. 2014. Inferring Complex AS Relationships. In Proceedings of the ACM Internet Measurement Conference (Vancouver, BC, Canada) (IMC '14). ACM Press, New York, NY, USA, 23--30. https://doi.org/10.1145/2663716.2663743
[21]
Vasileios Giotsas, Philipp Richter, Georgios Smaragdakis, Anja Feldmann, Christoph Dietzel, and Arthur Berger. 2017. Inferring BGP blackholing activity in the internet. In Proceedings of the ACM Internet Measurement Conference. ACM Press, London, United Kingdom, 1--14. https://doi.org/10.1145/3131365.3131379
[22]
Netherlands Network Operator Group. 2024. NLNOG Looking Glass - Known communities. https://github.com/NLNOG/lg.ring.nlnog.net/tree/main/communities
[23]
J Heitz, J Snijders, K Patel, I Bagdonas, and N Hilliard. 2017. RFC8092: BGP Large Communities Attribute. https://www.rfc-editor.org/rfc/rfc8092.txt
[24]
CISCO Inc. 2021. CISCO Route-Map. https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/49111-route-map-bestp.html [Online; accessed 11-Oct-2021].
[25]
Yuchen Jin, Colin Scott, Amogh Dhamdhere, Vasileios Giotsas, Arvind Krishnamurthy, and Scott Shenker. 2019. Stable and Practical AS Relationship Inference with ProbLink. In 16th USENIX Symposium on Networked Systems Design and Implementation (NSDI 19). USENIX Association, Boston, MA, 581--598. https://www.usenix.org/conference/nsdi19/presentation/jin
[26]
Thomas Krenc, Robert Beverly, and Georgios Smaragdakis. 2020. Keep Your Communities Clean: Exploring the Routing Message Impact of BGP Communities. In Proceedings of the 16th International Conference on Emerging Networking EXperiments and Technologies (Barcelona, Spain). ACM Press, New York, NY, USA, 443--450. https://doi.org/10.1145/3386367.3432731
[27]
Thomas Krenc, Robert Beverly, and Georgios Smaragdakis. 2021. AS-Level BGP Community Usage Classification. In Proceedings of the 21st ACM Internet Measurement Conference (Virtual Event) (IMC '21). Association for Computing Machinery, New York, NY, USA, 577--592. https://doi.org/10.1145/3487552.3487865
[28]
Thomas Krenc, Matthew Luckie, Alexander Marder, and kc claffy. 2023. Coarse-grained Inference of BGP Community Intent. In Proceedings of the 2023 ACM on Internet Measurement Conference. ACM, Montréal, Canada, 66--72.
[29]
Warren Kumari and Kotikalapudi Sriram. 2011. RFC 6472-Recommendation for Not Using AS_SET and AS_CONFED_SET in BGP.
[30]
Tony Li, Ravi Chandra, and Paul S. Traina. 1996. BGP Communities Attribute. RFC 1997. https://doi.org/10.17487/RFC1997
[31]
Zhihao Li, Dave Levin, Neil Spring, and Bobby Bhattacharjee. 2018. Internet Anycast: Performance, Problems, & Potential. In Proceedings of the 2018 Conference of the ACM Special Interest Group on Data Communication (SIGCOMM '18). ACM Press, Budapest, Hungary, 59--73. https://doi.org/10.1145/3230543.3230547
[32]
Matthew Luckie, Bradley Huffaker, Amogh Dhamdhere, Vasileios Giotsas, and kc claffy. 2013. AS Relationships, Customer Cones, and Validation. In Proceedings of the ACM Internet Measurement Conference (Barcelona, Spain) (IMC '13). ACM Press, Barcelona, Spain, 243--256.
[33]
Brian W Matthews. 1975. Comparison of the Predicted and Observed Secondary Structure of T4 Phage Lysozyme. Biochimica et Biophysica Acta (BBA)-Protein Structure, Vol. 405, 2 (1975), 442--451.
[34]
Fabricio Mazzola, Pedro Marcos, and Marinho Barcellos. 2022. Light, Camera, Actions: Characterizing the Usage of IXPs' Action BGP Communities. In Proceedings of the 18th International Conference on Emerging Networking EXperiments and Technologies (Roma, Italy) (CoNEXT '22). Association for Computing Machinery, New York, NY, USA, 196--203.
[35]
David Meyer. 1997. University of Oregon Route Views Archive Project.
[36]
Rich Miller. 2011. Level 3 Buys Global Crossing for $3 Billion. https://www.datacenterknowledge.com/archives/2011/04/11/level-3-buys-global-crossing-for-3-billion.
[37]
Alexandros Milolidakis, Tobias Bühler, Kunyu Wang, Marco Chiesa, Laurent Vanbever, and Stefano Vissicchio. 2023. On the Effectiveness of BGP Hijackers That Evade Public Route Collectors. IEEE Access, Vol. 11 (2023), 31092--31124.
[38]
Wolfgang Mühlbauer, Anja Feldmann, Olaf Maennel, Matthew Roughan, and Steve Uhlig. 2006. Building an AS-Topology Model that Captures Route Diversity. ACM Computer Communication Review, Vol. 36, 4 (2006), 195--206.
[39]
Ricardo Oliveira, Dan Pei, Walter Willinger, Beichuan Zhang, and Lixia Zhang. 2009. The (In) completeness of the Observed Internet AS-level Structure. IEEE/ACM Transactions on Networking, Vol. 18, 1 (2009), 109--122.
[40]
Lars Prehn and Anja Feldmann. 2021. How Biased is Our Validation (data) for AS Relationships?. In Proceedings of the 21st ACM Internet Measurement Conference. ACM, New York, US, 612--620.
[41]
Isolario Project. 2019. BGPScanner. https://gitlab.com/Isolario/bgpscanner [Online; accessed 25-April-2024].
[42]
Yakov Rekhter. 2006. RFC 4271: A Border Gateway Protocol 4 (BGP-4). https://www.rfc-editor.org/rfc/rfc4271
[43]
Y Rekhter and T Li. 1994. RFC1654: A Border Gateway Protocol 4 (BGP-4).
[44]
NCC RIPE. 2021. RIPE RIS Project.
[45]
Loqman Salamatian, Todd Arnold, Ítalo Cunha, Jiangchen Zhu, Yunfan Zhang, Ethan Katz-Bassett, and Matt Calder. 2023. Who Squats IPv4 Addresses? ACM SIGCOMM Computer Communication Review, Vol. 53, 1 (2023), 48--72.
[46]
Martin Sendra, Rudy Sutrisno, Josep Harianata, Derwin Suhartono, and Almodad Biduk Asmani. 2016. Enhanced Latent Semantic Analysis by Considering Mistyped Words in Automated Essay Scoring. In International Conference on Informatics and Computing (ICIC'16). IEEE, Lombok, Indonesia, 304--308. https://doi.org/10.1109/IAC.2016.7905734
[47]
Brivaldo A Silva Jr, Paulo Mol, Osvaldo Fonseca, Italo Cunha, Ronaldo A Ferreira, and Ethan Katz-Bassett. 2022. Automatic Inference of BGP Location Communities. Proceedings of the ACM on Measurement and Analysis of Computing Systems, Vol. 6, 1 (2022), 1--23.
[48]
One Step. 2022. One Step. https://onestep.net/communities/
[49]
Florian Streibelt, Franziska Lichtblau, Robert Beverly, Anja Feldmann, Cristel Pelsser, Georgios Smaragdakis, and Randy Bush. 2018. BGP Communities: Even More Worms in the Routing Can. In Proceedings of the Internet Measurement Conference 2018 (Boston, MA, USA) (IMC '18). ACM, New York, NY, USA, 279--292. https://doi.org/10.1145/3278532.3278557
[50]
Dan Tappan, Srihari R. Sangli, and Yakov Rekhter. 2006. BGP Extended Communities Attribute. https://doi.org/10.17487/RFC4360
[51]
Richard Wray and Dan Milmo. 2005. Watchdog clears BSkyB acquisition of Easynet. The Guardian. https://www.theguardian.com/technology/2005/dec/31/news.citynews.
[52]
Jianhong Xia and Lixin Gao. 2004. On the Evaluation of AS Relationship Inferences [Internet Reachability/Traffic Flow Applications]. In IEEE Global Telecommunications Conference, 2004. GLOBECOM '04., Vol. 3. IEEE, Dallas, TX, USA, 1373--1377 Vol.3. https://doi.org/10.1109/GLOCOM.2004.1378209
[53]
Man Zeng, Dandan Li, Pei Zhang, Kun Xie, and Xiaohong Huang. 2023. Federated route leak detection in inter-domain routing with privacy guarantee. ACM Transactions on Internet Technology, Vol. 23, 1 (2023), 1--22.
Index Terms
- Uncovering BGP Action Communities and Community Squatters in the Wild
Recommendations
Automatic Inference of BGP Location Communities
POMACSThe Border Gateway Protocol (BGP) orchestrates Internet communications between and inside Autonomous Systems. BGP's flexibility allows operators to express complex policies and deploy advanced traffic engineering systems. A key mechanism to provide this ...
Automatic Inference of BGP Location Communities
SIGMETRICS '22We present a set of techniques to infer the semantics of BGP communities from public BGP data. Our techniques infer communities related to the entities or locations traversed by a route by correlating communities with AS paths. We also propose a set of ...
Automatic Inference of BGP Location Communities
SIGMETRICS/PERFORMANCE '22: Abstract Proceedings of the 2022 ACM SIGMETRICS/IFIP PERFORMANCE Joint International Conference on Measurement and Modeling of Computer SystemsWe present a set of techniques to infer the semantics of BGP communities from public BGP data. Our techniques infer communities related to the entities or locations traversed by a route by correlating communities with AS paths. We also propose a set of ...
Comments
Information & Contributors
Information
Published In
December 2024
588 pages
EISSN:2476-1249
DOI:10.1145/3708555
- Editors:
- John C.S. Lui,
- Leana Golubchik,
- Zhi-Li Zhang
Copyright © 2024 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 13 December 2024
Published in POMACS Volume 8, Issue 3
Check for updates
Author Tags
Qualifiers
- Research-article
Funding Sources
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 142Total Downloads
- Downloads (Last 12 months)142
- Downloads (Last 6 weeks)17
Reflects downloads up to 25 Feb 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in