Determination of components of route hijack risk by Internet connections topology analysis




global routing, Internet, route hijacking, routing model, cybersecurity, risk assessment


The possibility of dynamic routes change between nodes that are not physically connected is a key feature of the Internet routing. The exterior gateway protocol BGP‑4 has been developed to deliver this feature, along with policies and procedures of inter-domain routing. Developed for the network of hundreds nodes that rely on information from each other, after decades BGP-4 is still the same with tens thousands nodes and its crucial lack of routing data integrity. One of the most significant problems deriving from its weaknesses is route leaks and route hijacks. None of the proposed and partially implemented upgrades and add-ons like MANRS and RPKI can not deliver reliable defense against those types of attacks. In this paper, the approach of risk assessment via internetworking links analysis is developed. Although modern information security is based on risk management, in this paper it is proposed to mitigate route hijack risks by enhancing links topology. Estimating the risks of route hijack requires quantitative measurement of the impact of an attack on the routing distortion, and therefore, the loss of information security breach. For this assessment, this paper proposes to use knowledge of the features of the Internet topology at the layer of global routing, which is determined by the interaction of autonomous systems - groups of subnets under common control - according to the routing protocol BGP-4. Based on our formal representation of IP routing, the relationship between topology and the risk of route hijack is shown. A new approach to quantifying information risk using a new risk-oriented model of global routing, which will reflect the properties of Internet nodes in terms of the risk of routes hijack.

Author Biography

Vitalii Zubok, Pukhov institute for modeling in energy engineering of National academy of sciences of Ukraine, Kyiv,

candidate of technical sciences,
doctoral student


Internet Mapping and Annotation. Center for Applied Internet Data Analysis. [Online]. Available: Accessed on: June 28, 2020.

M. Newman, “The structure and function of networks”, Computer Physics Communications, vol. 147, iss. 1-2, 2002, pp. 40-45, doi:​10.1016/S0010-4655(02)00201-1.

M. Faloutsos, P. Faloutsos, and C.Faloutsos, “On Power-Law Relationships of the Internet Topology”, Computers and Communications Review, no. 29, 1999, pp. 251-263, doi:

V. Zubok. “Retrospective Analysis of Cyber Incidents related to Attacs on Global Routing”, Modeling and Information Technologies, iss. 86, 2019, pp.42-49.

RIPE NCC’s Implementation of Resource Public Key Infrastructure (RPKI) Certificate Tree Validation. [Online]. Available: Accessed on: May 25, 2020.

V. Zubok, “Metric Approach to Risk Evaluation of Cyberattacks on Global Routing”, CEUR Workshop Proceedings, vol. 2318, pp. 251-260. [Online]. Available: Accessed on: June 28, 2020.

P. Sermpezis et al., “ARTEMIS: Neutralizing BGP Hijacking within a Minute”. [Online]. Available: Accessed on: June 27, 2020.

T. McDaniel, M. Smith, and M. Schuchard, “Peerlock: Flexsealing BGP”. [Online]. Available: Accessed on: July 17, 2020.

International Organization for Standardization. (2009, Nov. 13). ISO Guide 73, Risk management. Vocabulary. [Online]. Available: Accessed on: Aug. 20, 2019.

Y. Rekhter, and P. Gross, “RFC 1772. Application of the Border Gateway Protocol in the Internet”. [Online]. Available: Accessed on: June 20, 2020.

V. Mokhor, and V. Zubok, Forming of Internode Connectionsin the Internet Using the Theory of Complex Networks. Kyiv, Ukraine: Prometey, 2017.

V. Zubok, “Formal Description of Global Internet Global Routing Objects for Assessing the Risks of Attacks on Global Routing”, Data Recording, Storing and Processing, vol. 21, no. 4, 2020, pp. 67-74, doi:




How to Cite

Zubok, V. (2020). Determination of components of route hijack risk by Internet connections topology analysis. Information Technology and Security, 8(2), 232–239.