Title

Hybrid Machine Learning Algorithm for Enhanced BGP Anomaly Detection

Author

Nassir S. Kadhim, Nor Fadzilah Abdullah, and Kalaivani Chellappan

Citation

Vol. 24  No. 11  pp. 1-12

Abstract

Border Gateway Protocol (BGP) is a critical component of the Internet's infrastructure, responsible for inter-domain routing. It enables Internet Service Providers (ISPs) to manage the flow of data across the global network by announcing address prefixes and implementing routing policies. Despite its importance, BGP faces several challenges, including configuration errors and security vulnerabilities. These create regional or global Internet service interruptions. Nevertheless, the ability to detect abnormal messages transmitted via BGP enables the timely detection of such attacks. Machine learning (ML) has recently become crucial in improving the effectiveness, efficiency, and scalability of BGP anomaly detection systems. This study evaluates ML models for detecting and identifying BGP anomalies. We applied a statistical analysis to the 24 BGP features extracted from a realistic network topology based on simulation. Three feature sets were categorized based on their significance in classifying anomalies and their potential for predicting cyberattacks. A comprehensive assessment of the performance of eight ML algorithms in detecting BGP anomalies, utilizing multiple features and dataset structures, has been conducted. The assessment findings revealed that the ML models exhibit consistent results, in terms of performance metrics, with the tested dataset containing a number of significant features, and demonstrated that the combined dataset structure produced better results than the individual datasets. To enhance the BGP anomaly detection model and get the best results, we proposed a hybrid SGD-RF ML model, which achieved the highest accuracy of 99.3%, as well as improvements in AUC, with a value of 0.993, and in other performance metrics compared to the individual models.

Keywords

Border Gateway Protocol (BGP), machine learning algorithms, anomaly detection, cyberattacks, feature sets.

URL

http://paper.ijcsns.org/07_book/202411/20241101.pdf