{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,11]],"date-time":"2026-03-11T22:59:18Z","timestamp":1773269958737,"version":"3.50.1"},"publisher-location":"Singapore","reference-count":36,"publisher":"Springer Nature Singapore","isbn-type":[{"value":"9789819562022","type":"print"},{"value":"9789819562039","type":"electronic"}],"license":[{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-981-95-6203-9_14","type":"book-chapter","created":{"date-parts":[[2026,1,2]],"date-time":"2026-01-02T03:42:37Z","timestamp":1767325357000},"page":"253-271","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["What Interferes with\u00a0the Accurate Detection of\u00a0Origin Hijacking Anomalies?"],"prefix":"10.1007","author":[{"given":"Yuancheng","family":"Xie","sequence":"first","affiliation":[]},{"given":"Zhaoxin","family":"Zhang","sequence":"additional","affiliation":[]},{"given":"Ning","family":"Li","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2026,1,2]]},"reference":[{"issue":"1","key":"14_CR1","doi-asserted-by":"publisher","first-page":"377","DOI":"10.1109\/COMST.2016.2622240","volume":"19","author":"B Al-Musawi","year":"2016","unstructured":"Al-Musawi, B., Branch, P., Armitage, G.: BGP anomaly detection techniques: a survey. IEEE Commun. Surv. Tutorials 19(1), 377\u2013396 (2016)","journal-title":"IEEE Commun. Surv. Tutorials"},{"issue":"3","key":"14_CR2","doi-asserted-by":"publisher","first-page":"765","DOI":"10.1109\/TSC.2018.2824809","volume":"14","author":"M Cheng","year":"2018","unstructured":"Cheng, M., Li, Q., Lv, J., Liu, W., Wang, J.: Multi-scale LSTM model for BGP anomaly classification. IEEE Trans. Serv. Comput. 14(3), 765\u2013778 (2018)","journal-title":"IEEE Trans. Serv. Comput."},{"key":"14_CR3","doi-asserted-by":"crossref","unstructured":"Cheng, M., Xu, Q., Jianming, L., Liu, W., Li, Q., Wang, J.: MS-LSTM: a multi-scale LSTM model for BGP anomaly detection. In: 2016 IEEE 24th international conference on network protocols (ICNP), pp.\u00a01\u20136. IEEE (2016)","DOI":"10.1109\/ICNP.2016.7785326"},{"key":"14_CR4","doi-asserted-by":"crossref","unstructured":"Chin, K.W.: On the characteristics of BGP multiple origin as conflicts. In: 2007 Australasian Telecommunication Networks and Applications Conference, pp. 157\u2013162. IEEE (2007)","DOI":"10.1109\/ATNAC.2007.4665228"},{"key":"14_CR5","doi-asserted-by":"crossref","unstructured":"Cho, S., Fontugne, R., Cho, K., Dainotti, A., Gill, P.: BGP hijacking classification. In: 2019 Network Traffic Measurement and Analysis Conference (TMA), pp. 25\u201332. IEEE (2019)","DOI":"10.23919\/TMA.2019.8784511"},{"key":"14_CR6","unstructured":"cisco: BGPMON (2024). https:\/\/crosswork.cisco.com\/"},{"key":"14_CR7","doi-asserted-by":"crossref","unstructured":"Ding, Q., Li, Z., Batta, P., Trajkovi\u0107, L.: Detecting BGP anomalies using machine learning techniques. In: 2016 IEEE International Conference on Systems, Man, and Cybernetics (SMC), pp. 003352\u2013003355. IEEE (2016)","DOI":"10.1109\/SMC.2016.7844751"},{"key":"14_CR8","doi-asserted-by":"crossref","unstructured":"Dong, Y., Li, Q., Sinnott, R.O., Jiang, Y., Xia, S.: ISP self-operated BGP anomaly detection based on weakly supervised learning. In: 2021 IEEE 29th International Conference on Network Protocols (ICNP), pp. 1\u201311. IEEE (2021)","DOI":"10.1109\/ICNP52444.2021.9651957"},{"issue":"1","key":"14_CR9","first-page":"97","volume":"4","author":"MU Ghani","year":"2021","unstructured":"Ghani, M.U., Khan, A., Hussain, S., Jhandir, M.Z., Kazmi, R., Bajwa, I.S.: PHDs: IP prefix hijack detection system. Pakistan J. Eng. Tech. 4(1), 97\u2013105 (2021)","journal-title":"Pakistan J. Eng. Tech."},{"key":"14_CR10","doi-asserted-by":"crossref","unstructured":"Hammood, N.H., Al-Musawi, B.: Using BGP features towards identifying type of BGP anomaly. In: 2021 International Congress of Advanced Technology and Engineering (ICOTEN), pp. 1\u201310. IEEE (2021)","DOI":"10.1109\/ICOTEN52080.2021.9493491"},{"key":"14_CR11","doi-asserted-by":"crossref","unstructured":"Hawkinson, J., Bates, T.: RFC 1930: guidelines for creation. Selection, and Registration of an Autonomous System (AS) (1996)","DOI":"10.17487\/rfc1930"},{"key":"14_CR12","doi-asserted-by":"crossref","unstructured":"Hoarau, K., Tournoux, P.U., Razafindralambo, T.: BML: an efficient and versatile tool for BGP dataset collection. In: 2021 IEEE International Conference on Communications Workshops (ICC Workshops), pp.\u00a01\u20136. IEEE (2021)","DOI":"10.1109\/ICCWorkshops50388.2021.9473737"},{"key":"14_CR13","doi-asserted-by":"crossref","unstructured":"Hoarau, K., Tournoux, P.U., Razafindralambo, T.: Suitability of graph representation for BGP anomaly detection. In: 2021 IEEE 46th Conference on Local Computer Networks (LCN), pp. 305\u2013310. IEEE (2021)","DOI":"10.1109\/LCN52139.2021.9524941"},{"key":"14_CR14","unstructured":"Imai, H., Okada, M., Kanaoka, A.: Poster: Moai: multiple origin ases identification for IP prefix hijacking and mis-origination. In: NDSS (2020)"},{"key":"14_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"127","DOI":"10.1007\/978-3-642-54999-1_11","volume-title":"Traffic Monitoring and Analysis","author":"Q Jacquemart","year":"2014","unstructured":"Jacquemart, Q., Urvoy-Keller, G., Biersack, E.: A Longitudinal Study of BGP MOAS Prefixes. In: Dainotti, A., Mahanti, A., Uhlig, S. (eds.) TMA 2014. LNCS, vol. 8406, pp. 127\u2013138. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-642-54999-1_11"},{"issue":"4","key":"14_CR16","first-page":"18","volume":"18","author":"M Jia","year":"2021","unstructured":"Jia, M., Shu, Y., Guo, Q., Gao, Z., Xie, S.: DDOS attack detection method for space-based network based on SDN architecture. ZTE commun. 18(4), 18\u201325 (2021)","journal-title":"ZTE commun."},{"key":"14_CR17","doi-asserted-by":"crossref","unstructured":"Karimi, M., Jahanshahi, A., Mazloumi, A., Sabzi, H.Z.: Border gateway protocol anomaly detection using neural network. In: 2019 IEEE International Conference on Big Data (Big Data), pp. 6092\u20136094. IEEE (2019)","DOI":"10.1109\/BigData47090.2019.9006201"},{"key":"14_CR18","unstructured":"Lad, M., Massey, D., Pei, D., Wu, Y., Zhang, B., Zhang, L.: Phas: a prefix hijack alert system. In: USENIX Security symposium. vol.\u00a01, p.\u00a03 (2006)"},{"issue":"2","key":"14_CR19","doi-asserted-by":"publisher","first-page":"307","DOI":"10.1016\/S0016-0032(96)00063-4","volume":"334","author":"M Men\u00e9ndez","year":"1997","unstructured":"Men\u00e9ndez, M., Pardo, J., Pardo, L., Pardo, M.: The jensen-shannon divergence. J. Franklin Inst. 334(2), 307\u2013318 (1997)","journal-title":"J. Franklin Inst."},{"key":"14_CR20","unstructured":"NCC, R.: Ripe RIS (2024). https:\/\/www.ripe.net\/analyse\/internet- measurements\/routing-information-service -ris\/ris-raw-data"},{"key":"14_CR21","unstructured":"Oregon, U.: Routeviews (2024). http:\/\/www.routeviews.org\/routeviews\/"},{"key":"14_CR22","doi-asserted-by":"crossref","unstructured":"Orsini, C., King, A., Giordano, D., Giotsas, V., Dainotti, A.: Bgpstream: a software framework for live and historical BGP data analysis. In: Proceedings of the 2016 Internet Measurement Conference, pp. 429\u2013444 (2016)","DOI":"10.1145\/2987443.2987482"},{"key":"14_CR23","unstructured":"Qin, L., Li, D., Li, R., Wang, K.: Themis: accelerating the detection of route origin hijacking by distinguishing legitimate and illegitimate $$\\{$$MOAS$$\\}$$. In: 31st USENIX Security Symposium (USENIX Security 22), pp. 4509\u20134524 (2022)"},{"key":"14_CR24","unstructured":"Radar: Lumen aka centurylink is generating routing incidents via former level3 network, again (2020). https:\/\/radar.qrator.dev\/blog\/articles\/101. Accessed 30 Aug 2023"},{"key":"14_CR25","doi-asserted-by":"crossref","unstructured":"Sanchez, O.R., Ferlin, S., Pelsser, C., Bush, R.: Comparing machine learning algorithms for BGP anomaly detection using graph features. In: Proceedings of the 3rd ACM CoNEXT Workshop on Big DATA, Machine Learning and Artificial Intelligence for Data Communication Networks, pp. 35\u201341 (2019)","DOI":"10.1145\/3359992.3366640"},{"issue":"6","key":"14_CR26","doi-asserted-by":"publisher","first-page":"1849","DOI":"10.1109\/JSAC.2016.2558978","volume":"34","author":"J Schlamp","year":"2016","unstructured":"Schlamp, J., Holz, R., Jacquemart, Q., Carle, G., Biersack, E.W.: Heap: reliable assessment of BGP hijacking attacks. IEEE J. Sel. Areas Commun. 34(6), 1849\u20131861 (2016)","journal-title":"IEEE J. Sel. Areas Commun."},{"issue":"1","key":"14_CR27","doi-asserted-by":"publisher","first-page":"64","DOI":"10.1145\/3211852.3211862","volume":"48","author":"P Sermpezis","year":"2018","unstructured":"Sermpezis, P., Kotronis, V., Dainotti, A., Dimitropoulos, X.: A survey among network operators on BGP prefix hijacking. ACM SIGCOMM Comput. Commun. Rev. 48(1), 64\u201369 (2018)","journal-title":"ACM SIGCOMM Comput. Commun. Rev."},{"issue":"6","key":"14_CR28","doi-asserted-by":"publisher","first-page":"2471","DOI":"10.1109\/TNET.2018.2869798","volume":"26","author":"P Sermpezis","year":"2018","unstructured":"Sermpezis, P., et al.: Artemis: neutralizing BGP hijacking within a minute. IEEE\/ACM Trans. Netw. 26(6), 2471\u20132486 (2018)","journal-title":"IEEE\/ACM Trans. Netw."},{"key":"14_CR29","doi-asserted-by":"crossref","unstructured":"Shapira, T., Shavitt, Y.: A deep learning approach for IP hijack detection based on ASN embedding. In: Proceedings of the Workshop on Network Meets AI and ML, pp. 35\u201341 (2020)","DOI":"10.1145\/3405671.3405814"},{"issue":"3","key":"14_CR30","doi-asserted-by":"publisher","first-page":"2255","DOI":"10.1109\/TNSM.2022.3166450","volume":"19","author":"T Shapira","year":"2022","unstructured":"Shapira, T., Shavitt, Y.: Ap2vec: an unsupervised approach for BGP hijacking detection. IEEE Trans. Netw. Serv. Manage. 19(3), 2255\u20132268 (2022)","journal-title":"IEEE Trans. Netw. Serv. Manage."},{"key":"14_CR31","doi-asserted-by":"crossref","unstructured":"Shi, X., Xiang, Y., Wang, Z., Yin, X., Wu, J.: Detecting prefix hijackings in the internet with argus. In: Proceedings of the 2012 Internet Measurement Conference, pp. 15\u201328 (2012)","DOI":"10.1145\/2398776.2398779"},{"key":"14_CR32","doi-asserted-by":"crossref","unstructured":"Sun, J., et al.: An efficient BGP anomaly detection scheme with hybrid graph features. In: International Conference on Emerging Networking Architecture and Technologies, pp. 494\u2013506. Springer (2022)","DOI":"10.1007\/978-981-19-9697-9_40"},{"key":"14_CR33","doi-asserted-by":"crossref","unstructured":"Testart, C., Richter, P., King, A., Dainotti, A., Clark, D.: Profiling BGP serial hijackers: capturing persistent misbehavior in the global routing table. In: Proceedings of the Internet Measurement Conference, pp. 420\u2013434 (2019)","DOI":"10.1145\/3355369.3355581"},{"key":"14_CR34","unstructured":"freedom-to tinker: attackers exploit fundamental flaw in the webs security to steal 2 million in cryptocurrency (2022). https:\/\/freedom-to-tinker.com\/2022\/03\/09\/ attackers-exploit-fundamental-flaw-in-the-webs-security-to-steal-2-million-in -cryptocurrency\/"},{"key":"14_CR35","doi-asserted-by":"crossref","unstructured":"Vervier, P.A., Thonnard, O., Dacier, M.: Mind your blocks: on the stealthiness of malicious BGP hijacks. In: NDSS (2015)","DOI":"10.14722\/ndss.2015.23035"},{"key":"14_CR36","doi-asserted-by":"crossref","unstructured":"Zhao, X., et al.: An analysis of BGP multiple origin as (moas) conflicts. In: Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement, pp. 31\u201335 (2001)","DOI":"10.1145\/505202.505207"}],"container-title":["Lecture Notes in Computer Science","Information Security and Cryptology"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-95-6203-9_14","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,11]],"date-time":"2026-03-11T07:37:27Z","timestamp":1773214647000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-95-6203-9_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026]]},"ISBN":["9789819562022","9789819562039"],"references-count":36,"URL":"https:\/\/doi.org\/10.1007\/978-981-95-6203-9_14","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026]]},"assertion":[{"value":"2 January 2026","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"The authors have no competing interests to declare that are relevant to the content of this article.","order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Disclosure of Interests"}},{"value":"Inscrypt","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information Security and Cryptology","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Xi'an","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19 October 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19 October 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"21","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"cisc22025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/inscrypt2025.xidian.edu.cn\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}