Separating Wheat from Chaff: Winnowing Unintended Prefixes using Machine Learning
Andra Lutu, PhD Student, IMDEA Networks Institute & University Carlos III of Madrid (UC3M), Spain
External Presentation (IN Speaker)
In this paper, we propose the use of prefix visibility at the interdomain level as an early symptom of anomalous events in the Internet. We focus on detecting anomalies which, despite their significant impact on the routing system, remain concealed from state of the art tools. We design a machine learning system to winnow the prefixes with unintended limited visibility – symptomatic of anomalous events – from the prefixes with intended limited visibility – resulting from legitimate routing operations.
We train a winnowing algorithm with ground-truth data on 20,000 operational limited visibility prefixes (LVPs) already classified by the operators of the origin networks. The ground-truth was collected using the BGP Visibility Scanner, a tool we developed to provide operators with a multi-angle view on the efficacy of their routing policies. We build a dataset with the pre-classified prefixes and the features describing their visibility status dynamics. We further use this dataset to derive a boosted decision tree which winnows unintended LVPs with an accuracy of 95%.
This publication was published at the Passive and Active Measurements Conference (PAM 2014), 10-11 March 2014, Los Angeles, CA, USA.
About Andra Lutu
In July 2009 I have completed my undergraduated studies at the Polytechnic University of Bucharest, Faculty of Electronics, Telecommunication and Information Technology. I’ve received my BSc. in Networks and Software for Telecommunications. During the final year of my studies, I was also a part of the Orange Romania “Top Talents” programme.
In October 2009, I have joined Institute IMDEA Networks as a Research Assistant. Since then, I have been working under the supervision of Prof. Dr. Marcelo Bagnulo. I’ve graduated from the Interuniversitary Masters programme in Telematics Engineering from University Carlos III of Madrid in September 2010, after defending the Masters Thesis “Game Theory applications to Interdomain Routing”. In October 2010, I have also joined the Telematics Engineering Department at University Carlos III of Madrid as a PhD candidate under the supervision of Prof. Dr. Marcelo Bagnulo.
In June-July 2012, I have been a part of the summer internship programme at Internet Initiative Japan – Innovation Institute.
This event will be conducted in English