Search Icon
2027 Submissions

PathProb: Probabilistic Inference and Path Scoring for Enhanced and Flexible BGP Route Leak Detection

Yingqian Hao (Computer Network Information Center, Chinese Academy of Sciences; University of Chinese Academy of Sciences), Hui Zou (Computer Network Information Center, Chinese Academy of Sciences; University of Chinese Academy of Sciences), Lu Zhou (Computer Network Information Center, Chinese Academy of Sciences; University of Chinese Academy of Sciences), Yuxuan Chen (Computer Network Information Center, Chinese Academy of Sciences; University of Chinese Academy of Sciences), Yanbiao Li (Computer Network Information Center, Chinese Academy of Sciences; University of Chinese Academy of Sciences)

The Border Gateway Protocol (BGP) lacks inherent security, leaving the Internet vulnerable to severe threats like route leaks. Existing detection methods suffer from limitations such as rigid binary classification, high false positives, and sparse authoritative AS relationship data. To address these challenges, this paper proposes PathProb—a novel paradigm that flexibly identifies route leaks by calculating topology-aware probability distributions for AS links and computing legitimacy scores for AS paths. Our approach integrates Monte Carlo methods with an Integer Linear Programming formulation of routing policies to derive these solutions efficiently.

We comprehensively evaluate PathProb using real-world BGP routing traces and route leak incidents. Results show our inference model outperforms state-of-the-art approaches with a high-confidence validation dataset. PathProb detects real-world route leaks with 98.45% recall while simultaneously reducing false positives by 4.29 ∼ 20.08 percentage points over stateof-the-art alternatives. Additionally, PathProb’s path legitimacy scoring enables network administrators to dynamically adjust route leak detection thresholds—tailoring security posture to their specific false alarm tolerance and security needs. Finally, PathProb offers seamless compatibility with emerging route leak mitigation mechanisms, such as Autonomous System Provider Authorization (ASPA), enabling flexible integration to enhance leak detection capabilities.

Paper
Slides
Video

View More Papers

Beyond Raw Bytes: Towards Large Malware Language Models

Luke Kurlandski (Rochester Institute of Technology, Rochester New York USA), Harel Berger (Ariel University, Israel), Yin Pan (Rochester Institute of Technology, Rochester New York USA), Matthew Wright (Rochester Institute of Technology, Rochester New York USA)

Read More

Q-MLLM: Vector Quantization for Robust Multimodal Large Language Model...

Wei Zhao (Singapore Management University), Zhe Li (Singapore Management University), Yige Li (Singapore Management University), Jun Sun (Singapore Management University)

Read More

BSFuzzer: Context-Aware Semantic Fuzzing for BLE Logic Flaw Detection

Ting Yang (Xidian University and Kanazawa University), Yue Qin (Central University of Finance and Economics), Lan Zhang (Northern Arizona University), Zhiyuan Fu (Hainan University), Junfan Chen (Hainan University), Jice Wang (Hainan University), Shangru Zhao (University of Chinese Academy of Sciences), Qi Li (Tsinghua University), Ruidong Li (Kanazawa University), He Wang (Xidian University), Yuqing Zhang (University…

Read More