Welcome to AS-CRED, a reputation service for the Internet. AS-CRED has been built with two purposes in mind:
- To compute and display reputation for Autonomous Systems (ASes) obeserved in the Internet, by analyzing past BGP updates announced by them for their validity.
- To provide an alert service for tracking the subsequent announcement of potentially invalid BGP updates based on the computed reputation.
Validity of an BGP update is defined as satisfying three properties: (1) Accuracy: the announced updates containing accurate information, i.e., there is no prefix hijacking, (2) Long-lived: the announced updated advertising prefix ownership information in a sustained manner, i.e., the updates are not parts of a sequence of short-lived prefix announcements and withdrawals (which has become a growing problem in the Internet), and (3) Legality: the AS numbers and the prefix values contained in the update are legitimate. Reputation for ASes is thus the quantifications of an AS's tendency ( level of trust ) to announce invalid updates.
Consequently two reputation values are computed for every AS: RepU characterizes an AS' tendency to announce invalid BGP updates which may disrupt the correct functionality of the Internet, while RepB characterizes an AS' tendency to announce invalid updates which have less serious consequences. Our reputation function characterizes the invalidity of BGP updates, as a result, a value of ZERO. is considered the best, while higher values indicate poor behavior, in this regard.
The two reputation values are then used to trigger alerts for any invalid BGP updates announced within the Internet. What differentiates AS-CRED's alert service from other alert services which use historical information are: (1) its focus on the vacillating issues along with inaccuracy problem, the former is a much more serious problem in term of the quantity of such updates circulated within the Internet; (2) its inclusion of a quantitative value characterizing the tendency of an AS to announce inaccurate or vacillating updates, along with the alerts; and (3) a significantly reduced false postive rate in classifying inaccurate BGP updates.
We use data from RouteViews BGP data collector for this project, both to compute reputations and generate alerts. The reputation computation entails using BGP updates from a sliding window which covers the past 60 days. The reputations are re-computed daily, based on which alerts are triggered for BGP updates received that day.
Paper describing the details of AS-CRED can be found here.