A Survey among Network Operators on BGP Prefix Hijacking

TL;DR

This survey of 75 network operators reveals limited deployment of BGP hijacking defenses, highlighting awareness gaps, reliance on basic methods, and reluctance to adopt advanced solutions, informing future defense designs.

Contribution

The paper provides empirical insights into operators' awareness, current defenses, and barriers to deploying BGP hijacking mitigation techniques, guiding future research.

Findings

Most operators are aware of BGP hijacking threats.

Operators rely on basic, often inefficient, defenses.

There is reluctance to adopt new BGP security mechanisms.

Abstract

BGP prefix hijacking is a threat to Internet operators and users. Several mechanisms or modifications to BGP that protect the Internet against it have been proposed. However, the reality is that most operators have not deployed them and are reluctant to do so in the near future. Instead, they rely on basic - and often inefficient - proactive defenses to reduce the impact of hijacking events, or on detection based on third party services and reactive approaches that might take up to several hours. In this work, we present the results of a survey we conducted among 75 network operators to study: (a) the operators' awareness of BGP prefix hijacking attacks, (b) presently used defenses (if any) against BGP prefix hijacking, (c) the willingness to adopt new defense mechanisms, and (d) reasons that may hinder the deployment of BGP prefix hijacking defenses. We expect the findings of this survey to increase the understanding of existing BGP hijacking defenses and the needs of network operators, as well as contribute towards designing new defense mechanisms that satisfy the requirements of the operators.