
PHILOS: Real-time Detection and Automated Mitigation of BGP Prefix Hijacking Attacks

Project description

Advanced technology against BGP prefix hijacking attacks

The Border Gateway Protocol (BGP) underpins the operation of the Internet by facilitating the exchange of routing information between independent networks. However, its outdated design makes it susceptible to hijacking attacks, resulting in widespread network unreachability. Existing defence methods are not only costly but also offer limited immediate benefits and rely on inaccurate detection mechanisms that generate numerous false alarms, along with slow, manual mitigation processes. The EU-funded PHILOS project proposes an innovative strategy centred on real-time detection and automated mitigation. The aim is to develop a proof-of-concept application for deployment within the networks of potential future customers and to draw up a business plan to secure the first commercial customer.

Objective

The Internet, with its unprecedented success and global scale as a network of networks, depends heavily on a few fundamental technologies. One of these technologies is the Border Gateway Protocol (BGP), which glues together the independent networks of the Internet. BGP, based on a three-decade-old design, is highly susceptible to BGP prefix hijacking attacks. These attacks, which have been repeatedly covered in the news due to their critical impact in several prominent cases, persistently plague network operators and the users accessing their services, as they can render entire networks (and their services) unreachable. The resulting network outages, lasting from several hours to days, cost millions of dollars. BGP prefix hijacking events usually result from human error, but can also be malicious. Offenders can impersonate victim networks, steal sensitive information, or stealthily intercept and manipulate traffic destined to legitimate destinations.

Current approaches to defend against hijacking attacks (a) are poorly adopted, due to their high cost and low immediate benefit, or (b) rely on inaccurate detection mechanisms that generate numerous false alerts, while lacking automation. The latter results in manual and slow mitigation processes, which is presently the norm.

PHILOS is a new approach to defend against BGP prefix hijacking attacks. It focuses on real-time detection and automated mitigation, relies on novel detection algorithms, and employs new technologies in order to reduce the duration of the detection/mitigation cycle from hours and days, down to a few seconds. It therefore greatly reduces the cost of outages.

The goal of this project is twofold. First, it aims to create a Proof of Concept implementation of PHILOS that can be deployed within the network of potential future customers. Second, it will form a business plan aiming to establish the necessary environment for finding the first commercial customer of PHILOS.

Funding scheme

ERC-POC - Proof of Concept Grant

Host institution

IDRYMA TECHNOLOGIAS KAI EREVNAS
Net EU contribution
€ 150 000,00
Address
N PLASTIRA STR 100
70013 Irakleio
Greece

Region
Νησιά Αιγαίου Κρήτη Ηράκλειο
Activity type
Research Organisations
Total cost
€ 150 000,00

Beneficiaries (1)