BGP anomaly detection as a group dynamics problem

Ben A. Scott, Edith Cowan University
Michael N. Johnstone, Edith Cowan University
Patryk Szewczyk, Edith Cowan University
Steven Richardson, Edith Cowan University

Scott, B. A., Johnstone, M. N., Szewczyk, P., & Richardson, S. (2025). BGP anomaly detection as a group dynamics problem. Computer Networks, 257. https://doi.org/10.1016/j.comnet.2024.110926

Abstract

Understanding group information and collective behaviors is an ongoing area of research, encompassing natural phenomena and human dynamics. Quantifying interactions and interdependencies at the group level can be valuable for understanding complex and dynamical systems. The Border Gateway Protocol (BGP), the default inter-domain routing protocol for the Internet, operates within a large, complex, and dynamic system vulnerable to security threats. Traditional BGP anomaly detection focuses on single observables from individual Autonomous Systems (ASes), which inadequately addresses the multidimensional, multi-viewpoint nature of the Internet and inter-domain routing. This paper introduces a novel approach for quantifying group AS-level information and dynamics. We present the first-ever application of Multidimensional Recurrence Quantification Analysis (MdRQA) to any computer system, offering a robust BGP anomaly detection technique that identifies anomalies earlier than traditional single-AS observable methods. This research marks a significant advancement in BGP anomaly detection, treating it as a group dynamics problem within the Internet's complex and distributed system.