{"title":"BGP Anomaly Detection by the mean of Updates Projection and Spatio-temporal Auto-encoding","authors":"Doris Fejza, Anthony Lambert","doi":"10.1109/RNDM55901.2022.9927587","DOIUrl":null,"url":null,"abstract":"Detecting BGP anomalies is crucial to improve the security and robustness of the Internet's inter-domain routing system. As part of this work, we propose an innovative way for detecting these anomalies, a spatio-temporal auto-encoder with BGP updates projection. We first transform BGP updates into video sequences, then we detect the anomalies in these videos by developing an auto-encoder that leverages both the spatial and the temporal features of the videos. The model successfully detects all the different scenario attacks tested. Finally, as we learn the model for exactly one prefix, we apply transfer learning for generalizing the model for all the other prefixes on the Internet. The experimental results are very significant as they indicate the existence of a very similar behaviour for all the prefixes on the Internet.","PeriodicalId":386500,"journal":{"name":"2022 12th International Workshop on Resilient Networks Design and Modeling (RNDM)","volume":"28 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-09-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 12th International Workshop on Resilient Networks Design and Modeling (RNDM)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/RNDM55901.2022.9927587","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 0
Abstract
Detecting BGP anomalies is crucial to improve the security and robustness of the Internet's inter-domain routing system. As part of this work, we propose an innovative way for detecting these anomalies, a spatio-temporal auto-encoder with BGP updates projection. We first transform BGP updates into video sequences, then we detect the anomalies in these videos by developing an auto-encoder that leverages both the spatial and the temporal features of the videos. The model successfully detects all the different scenario attacks tested. Finally, as we learn the model for exactly one prefix, we apply transfer learning for generalizing the model for all the other prefixes on the Internet. The experimental results are very significant as they indicate the existence of a very similar behaviour for all the prefixes on the Internet.