University of Twente Student Theses

Login

A Longitudinal Analysis of Short-Lived MOAS Prefixes on the Global Routing Table

Akkaya, Emir (2025) A Longitudinal Analysis of Short-Lived MOAS Prefixes on the Global Routing Table.

[img] PDF
568kB
Abstract:The Border Gateway Protocol (BGP) serves as the backbone of the global Internet, enabling Autonomous Systems (ASes) to exchange routing information and direct traffic effectively. A Multiple-Origin Autonomous System (MOAS) event occurs when the same IP prefix is simultaneously announced by multiple origin ASes. MOAS events are typically classified as long-lived or short-lived based on their duration. MOAS events may arise from benign causes like multi-homing, misconfigurations, or malicious activity. However, the transient nature of short-lived MOAS events poses challenges for detection and analysis. Over the past decade, advancements in routing security measures, such as RPKI adoption, and changes in AS behaviors have influenced the characteristics of MOAS events, yet their impact on short-lived events remains underexplored. This study addresses these gaps by conducting a long-term analysis of short-lived MOAS events, investigating their occurrence rates, underlying factors, and temporal trends. We develop a suspicion detection framework to assess potentially malicious ASes and evaluate how AS attributes have evolved over time. The findings contribute to a deeper understanding of short-lived MOAS events and their implications for global routing security.
Item Type:Essay (Bachelor)
Faculty:EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject:54 computer science
Programme:Computer Science BSc (56964)
Link to this item:https://purl.utwente.nl/essays/105100
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page