Characterization of the Vulnerability to Prefix Hijack of Military Autonomous Systems

Abstract


The cyber domain has become a new front for attacks, as observed in recent conflicts. Although the military employs segregated networks for tactical communications, the use of the Internet for certain services makes them vulnerable to attacks, including prefix hijacking. Current protection tools against prefix hijacking are insufficient or can be easily bypassed. This study uses an extensive set of simulations with real-world data to characterize the vulnerability of 29 military networks to prefix hijacking, revealing that networks with higher connectivity and geographically distributed neighbors are less affected. However, up to 77% of attacks can go undetected, even with the best tool currently available for detecting forged-origin hijacks. The study also explores ways to enhance the routing system’s robustness for these networks.
Keywords: Interdomain Routing, BGP, Prefix Hijack, Internet Security

Published
2025-05-19
CARVALHO, Adriano B.; MARCOS, Pedro de B.; DE PAULA, Fabrício S.; DA SILVA, Carlos Alberto; FERREIRA, Ronaldo A. Characterization of the Vulnerability to Prefix Hijack of Military Autonomous Systems. In: BRAZILIAN SYMPOSIUM ON COMPUTER NETWORKS AND DISTRIBUTED SYSTEMS (SBRC), 43., 2025, Natal/RN. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2025. p. 84-97. ISSN 2177-9384. DOI: https://doi.org/10.5753/sbrc.2025.5826.
