BGP Anomaly Detection Based on Automatic Feature Extraction by Neural Network

Being the default inter-domain route protocol in the Internet, the security of BGP has attracted increasing attention. BGP anomaly detection technique aims to detect and alert anomalous events so as to minimize the damage it causes. In the existing related works, manually designed statistical features such as number of BGP update messages and AS-PATH length are commonly used for further anomaly classfication. However, features selected by researchers based on their observations on limited events may have limited generalization. On the other hand, neural networks have the ability to automatically extract features from large-scale raw data. In this work, we propose a novel method using raw BGP update data for both feature extraction and anomaly classification. The experiments on real world BGP data are conducted and the results show that our method has a promising performance compared with previous methods.