University of Twente Student Theses
A Longitudinal Analysis of Short-Lived MOAS Prefixes on the Global Routing Table
Akkaya, Emir (2025) A Longitudinal Analysis of Short-Lived MOAS Prefixes on the Global Routing Table.
PDF
568kB |
Abstract: | The Border Gateway Protocol (BGP) serves as the backbone of the global Internet, enabling Autonomous Systems (ASes) to exchange routing information and direct traffic effectively. A Multiple-Origin Autonomous System (MOAS) event occurs when the same IP prefix is simultaneously announced by multiple origin ASes. MOAS events are typically classified as long-lived or short-lived based on their duration. MOAS events may arise from benign causes like multi-homing, misconfigurations, or malicious activity. However, the transient nature of short-lived MOAS events poses challenges for detection and analysis. Over the past decade, advancements in routing security measures, such as RPKI adoption, and changes in AS behaviors have influenced the characteristics of MOAS events, yet their impact on short-lived events remains underexplored. This study addresses these gaps by conducting a long-term analysis of short-lived MOAS events, investigating their occurrence rates, underlying factors, and temporal trends. We develop a suspicion detection framework to assess potentially malicious ASes and evaluate how AS attributes have evolved over time. The findings contribute to a deeper understanding of short-lived MOAS events and their implications for global routing security. |
Item Type: | Essay (Bachelor) |
Faculty: | EEMCS: Electrical Engineering, Mathematics and Computer Science |
Subject: | 54 computer science |
Programme: | Computer Science BSc (56964) |
Link to this item: | https://purl.utwente.nl/essays/105100 |
Export this item as: | BibTeX EndNote HTML Citation Reference Manager |
Repository Staff Only: item control page