	US 12,335,336 B2
	Methods and apparatus for finding global routing hijacks
Earl Edward Zmijewski, West Lebanon, NH (US); Douglas Madory, Lebanon, NH (US); and Alexandr Sergeyev, Bedford, NH (US)
Assigned to Oracle International Corporation, Redwood Shores, CA (US)
Filed by Dynamic Network Services, Inc., Redwood Shores, CA (US)
Filed on May 9, 2022, as Appl. No. 17/739,875.
Application 17/739,875 is a continuation of application No. 16/078,302, granted, now 11,394,745, previously published as PCT/US2017/018907, filed on Feb. 22, 2017.
Claims priority of provisional application 62/298,169, filed on Feb. 22, 2016.
Prior Publication US 2022/0263864 A1, Aug. 18, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); H04L 45/02 (2022.01); H04L 45/033 (2022.01); H04L 67/104 (2022.01)

CPC H04L 67/104 (2013.01) [H04L 45/033 (2022.05); H04L 45/04 (2013.01); H04L 63/1416 (2013.01); H04L 63/1466 (2013.01); H04L 45/02 (2013.01)]

20 Claims

1. A non-transitory computer readable medium comprising instructions which, when executed by one or more hardware processors, causes performance of operations comprising:

identifying a plurality of prefixes in a border gateway protocol (BGP) update;

determining a particular prefix from among the plurality of prefixes includes one or more private Autonomous System Numbers (ASNs) at a beginning of the particular prefix; and

determining the particular prefix is a potential routing hijack by:

identifying one or more private ASNs at the beginning of the particular prefix;

identifying a next ASN, in the particular prefix, subsequent to the one or more private ASNs;

identifying an origin associated with the next ASN; and

responsive to determining that the origin is a new origin, reporting the particular prefix as a potential routing hijack,

wherein determining that the origin is the new origin comprises determining the origin has not been the origin of any prefix included in any BGP update within a predetermined historical time period.