Key points are not available for this paper at this time.
The Border Gateway Protocol (BGP) is the Internet's most crucial protocol for efficient global connectivity and traffic routing. However, BGP is well-known to be susceptible to route hijacks and leaks. Route hijacks are the illegitimate announcements of network resources, intentionally or unintentionally, which can compromise the confidentiality, integrity, and availability of communication systems. In the past, so-called "serial hijackers" have hijacked Internet resources multiple times, some lasting for several months or years. So far, only the paper "Profiling BGP Serial Hijackers" focuses explicitly on those repeated offenders, and their study dates back to 2019. Back then, they had to process large amounts of BGP announcements to find a few potential serial hijackers. In this paper, we revisit the profiling of serial hijackers. We reproduce and extend the study from 2019 and show that we can identify potential offenders with less data while achieving similar accuracy. We show that most of the alleged serial hijackers are still active on the Internet, announcing prefixes that belong to other ASes. In conclusion, our study confirms that there has been no significant increase in the evolution of serial hijacking activities during the last five years. However, we found that the active alleged serial hijackers and the identified potential malicious actors still threaten the Internet's security and stability.
Jaw et al. (Tue,) studied this question.