BgpAND - Architecting a Modular BGP4 Attack & Anomalies Detection Platform
Border Gateway Protocol (BGP) is an Autonomous System (AS) routing protocol. It forms the backbone of Internet core routing decisions. However, it is also equally prone to security issues and several attempts to attack & exploit the protocol have been noted. bgpAND is a platform designed and developed to analyze BGP updates, and detect anomalies and carry out attack filtrations. It is a modular platform such that new attack detection mechanisms can be implemented & integrated. bgpAND can also be linked to BGP routers providing real-time BGP updates and hence can be used as a live security solution.