Incompetents, criminals, or spies: Macroeconomic analysis of routing anomalies

Routing anomalies, beyond simple leaks, are occurring on the order of tens of thousands a year. These may be accidents, but there is anecdotal evidence that indicates criminal intent. There are case studies that illustrate the use of these for national intelligence. Any given anomaly could be an acc...

Descripción completa

Detalles Bibliográficos
Autor Principal: Moriano Salazar, Pablo Andrés; Achar, Soumya; Camp, L. Jean
Formato: Artículo (Article)
Lenguaje:Desconocido (Unknown)
Publicado: Computers & Security; Vol. 70 2017
Materias:
Acceso en línea:http://babel.banrepcultural.org/cdm/ref/collection/p17054coll23/id/890
id ir-p17054coll23-890
recordtype dspace
spelling ir-p17054coll23-8902017-12-19 Incompetents, criminals, or spies: Macroeconomic analysis of routing anomalies Moriano Salazar, Pablo Andrés; Achar, Soumya; Camp, L. Jean Routing anomalies, beyond simple leaks, are occurring on the order of tens of thousands a year. These may be accidents, but there is anecdotal evidence that indicates criminal intent. There are case studies that illustrate the use of these for national intelligence. Any given anomaly could be an accident, a crime, or an attack. Although it is impossible to directly observe the motivation of those who generate these anomalies, aggregate data about the sources of these anomalies is available. Here we leverage tools of macroeconomics to provide insights into the possible nature of these anomalies. We offer an empirical investigation using multiple linear regression and unsupervised learning to analyze data over a four-year period in order to better understand the nature of routing anomalies. If routing anomalies are a result of limited technical competence, then countries with low levels of education, few technology exports, and less expertise should be over-represented. If routing anomalies are leveraged by criminals for profit, then economic theories and analytical approaches from criminology should show statistical significance. Or, if routing anomalies are primarily used by national intelligence agencies to attack either internal dissidents or those outside their borders, then the presence of conflict and measures of quality of governance are possible indicators. We examine anomalies as likely due to incompetence, potential ecrime, or intelligence operations using macroeconomics by leveraging three theories from criminology and global measures of technology adoption. We found that exports of technology were not statistically significant, undermining the argument for incompetence. We also found support for the possibility that anomalies are driven by crime, specifically for the guardianship and relative deprivation theories of crime. In addition to these findings from regression analysis, clustering indicates that civil conflict and surveillance are associated with the disproportionate origination of routing anomalies. This supports the possibility of use of routing anomalies for national intelligence. BGP Security; Prefix Hijacking; Ecrime; Surveillance; Macroeconomics; Statistical modeling; Clustering analysis Generalidades; Generalidades / Procesamiento de datos Ciencia de los computadores; Generalidades / Programación, programas, datos de computación; Generalidades / Métodos especiales de computación 2017 Computers & Security; Vol. 70 PDF Artículo ENG - Inglés Colfuturo © Derechos reservados del autor http://babel.banrepcultural.org/cdm/ref/collection/p17054coll23/id/890
institution Biblioteca Virtual Banco de la República - Colecciones digitales
collection Custom
language Desconocido (Unknown)
topic BGP Security; Prefix Hijacking; Ecrime; Surveillance; Macroeconomics; Statistical modeling; Clustering analysis
Generalidades; Generalidades / Procesamiento de datos Ciencia de los computadores; Generalidades / Programación, programas, datos de computación; Generalidades / Métodos especiales de computación
spellingShingle BGP Security; Prefix Hijacking; Ecrime; Surveillance; Macroeconomics; Statistical modeling; Clustering analysis
Generalidades; Generalidades / Procesamiento de datos Ciencia de los computadores; Generalidades / Programación, programas, datos de computación; Generalidades / Métodos especiales de computación
Moriano Salazar, Pablo Andrés; Achar, Soumya; Camp, L. Jean
Incompetents, criminals, or spies: Macroeconomic analysis of routing anomalies
description Routing anomalies, beyond simple leaks, are occurring on the order of tens of thousands a year. These may be accidents, but there is anecdotal evidence that indicates criminal intent. There are case studies that illustrate the use of these for national intelligence. Any given anomaly could be an accident, a crime, or an attack. Although it is impossible to directly observe the motivation of those who generate these anomalies, aggregate data about the sources of these anomalies is available. Here we leverage tools of macroeconomics to provide insights into the possible nature of these anomalies. We offer an empirical investigation using multiple linear regression and unsupervised learning to analyze data over a four-year period in order to better understand the nature of routing anomalies. If routing anomalies are a result of limited technical competence, then countries with low levels of education, few technology exports, and less expertise should be over-represented. If routing anomalies are leveraged by criminals for profit, then economic theories and analytical approaches from criminology should show statistical significance. Or, if routing anomalies are primarily used by national intelligence agencies to attack either internal dissidents or those outside their borders, then the presence of conflict and measures of quality of governance are possible indicators. We examine anomalies as likely due to incompetence, potential ecrime, or intelligence operations using macroeconomics by leveraging three theories from criminology and global measures of technology adoption. We found that exports of technology were not statistically significant, undermining the argument for incompetence. We also found support for the possibility that anomalies are driven by crime, specifically for the guardianship and relative deprivation theories of crime. In addition to these findings from regression analysis, clustering indicates that civil conflict and surveillance are associated with the disproportionate origination of routing anomalies. This supports the possibility of use of routing anomalies for national intelligence.
format Artículo (Article)
author Moriano Salazar, Pablo Andrés; Achar, Soumya; Camp, L. Jean
author_facet Moriano Salazar, Pablo Andrés; Achar, Soumya; Camp, L. Jean
author_sort Moriano Salazar, Pablo Andrés; Achar, Soumya; Camp, L. Jean
title Incompetents, criminals, or spies: Macroeconomic analysis of routing anomalies
title_short Incompetents, criminals, or spies: Macroeconomic analysis of routing anomalies
title_full Incompetents, criminals, or spies: Macroeconomic analysis of routing anomalies
title_fullStr Incompetents, criminals, or spies: Macroeconomic analysis of routing anomalies
title_full_unstemmed Incompetents, criminals, or spies: Macroeconomic analysis of routing anomalies
title_sort incompetents, criminals, or spies: macroeconomic analysis of routing anomalies
publisher Computers & Security; Vol. 70
publishDate 2017
url http://babel.banrepcultural.org/cdm/ref/collection/p17054coll23/id/890
_version_ 1682453377707933696
score 12,131701