PathProb: Probabilistic Inference and Path Scoring for Enhanced and Flexible BGP Route Leak Detection
Yingqian Hao
Network and Distributed System Security (NDSS) Symposium 2026 · Day 3 · Network Security
**BGP (Border Gateway Protocol)** remains the de facto inter-domain routing protocol for the global internet, yet it was designed without security mechanisms, leaving it vulnerable to **route leaks** and **prefix hijacks**. Route leaks -- where an Autonomous System (AS) shares routes with the wrong type of neighbors -- occurred even more frequently than hijacks in Q3 2025, causing event dropping, network overloads, and black holes. This talk introduces **PathProb**, a probabilistic route leak detection system that assigns **probability distributions** to each AS link's relationship type and calculates **legitimacy scores** for each AS path. Unlike rule-based approaches that produce binary (leak/not-leak) decisions with high false positive rates, and machine learning approaches that lack interpretability, PathProb offers operators adjustable detection thresholds to balance security sensitivity against false alarms. The system achieves the **highest precision and lowest false positive rate** while maintaining **98-100% recall**, and is compatible with emerging **ASPA (Autonomous System Provider Authorization)** deployment.
AI review
A probabilistic BGP route leak detection system that improves accuracy over existing approaches. Solid network security engineering, but the contribution is incremental improvement to routing security tooling rather than novel attack research or fundamental security insight.