The Blind Spot of BGP Anomaly Detection: Why LSTM Autoencoders Fail on Real-World Outages
Deep learning has significant potential to secure the Internet's Border Gateway Protocol (BGP) by detecting anomalous routing activity. However, all but a few of these approaches rely on the implicit assumption that anomalies manifest as noisy, high-complexity outliers from a normal baseline. This work challenges that assumption by investigating whether a best-in-class detection model built on it can cope with the diverse signatures of real-world security events. We employ an LSTM-based autoencoder, a canonical reconstruction-based anomaly detector, as our test vehicle. We then evaluate this model against a representative sample of historical BGP anomalies, including the Slammer worm and the Moscow blackout, and against a simulated 'BGP storm' designed as a positive control. Our experiments reveal a blind spot: the model readily identifies the synthetic, high-complexity anomaly but consistently fails to identify real-world events that manifest as a "signal loss" (e.g., Slammer, the Moscow blackout) or a "low-deviation" (e.g., WannaCry) signature. We show that the model misreads the abrupt cut-off of BGP updates during catastrophic failures as a sign of extreme stability, yielding reconstruction errors of virtually zero and a total failure to detect. We conclude that characterizing BGP anomalies solely as high-reconstruction-error events is a weak and dangerous oversimplification. Our results provide the data-driven case for hybrid, multi-modal detection systems, capable of identifying both high-complexity and signal-loss signatures, as a requirement for end-to-end BGP security.
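The failure mode the abstract describes, and the hybrid remedy it argues for, as an added example that is not the paper's model, code or data: a reconstruction-error detector whose reconstruction is a fixed one-unit bottleneck (encode a window as its mean, decode by repeating it), so its error is the within-window variance and a flat all-zero outage window scores exactly zero, next to a signal-loss check and a two-sided CUSUM that accumulates small persistent level shifts. The update-count series, the ten-bin window, the noise levels and every threshold are constructed assumptions; the LSTM autoencoder itself is replaced by this deliberately simple stand-in that shares its blind spot.

```python
"""
Added example (not the paper's model, code or data): a reconstruction-error
detector with the blind spot the abstract describes, run next to a
signal-loss check and a CUSUM mean-shift check on constructed BGP update
counts.  Window size, noise levels and thresholds are assumptions.
"""
from random import Random
from statistics import mean, pstdev, pvariance

WINDOW = 10  # bins per window (assumption)


def baseline_updates(n, mu=50.0, sigma=6.0, seed=7):
    """Constructed normal traffic: BGP updates per one-minute bin."""
    rng = Random(seed)
    return [max(0.0, rng.gauss(mu, sigma)) for _ in range(n)]


def storm(n, seed=11):
    """Constructed 'BGP storm' positive control: high-volume, high-variance bursts."""
    rng = Random(seed)
    return [max(0.0, rng.gauss(400.0, 150.0)) for _ in range(n)]


def signal_loss(n):
    """Constructed outage signature: the update feed goes flat at zero."""
    return [0.0] * n


def low_deviation(n, seed=13):
    """Constructed low-deviation event: a modest (+2 sigma) level shift, same noise."""
    rng = Random(seed)
    return [max(0.0, rng.gauss(62.0, 6.0)) for _ in range(n)]


def windows(series, size=WINDOW):
    """Sliding windows over the series, one per start bin."""
    return [series[i:i + size] for i in range(len(series) - size + 1)]


def reconstruction_error(window):
    """Stand-in for the LSTM autoencoder (assumption): a fixed one-unit bottleneck
    that encodes a window as its mean and decodes by repeating it.  The mean
    squared reconstruction error is then the within-window variance, so any
    flat window, including an all-zero outage, scores exactly 0."""
    return pvariance(window)


class HybridDetector:
    """Reconstruction-error, signal-loss and mean-shift (CUSUM) detectors,
    all calibrated on the same normal-traffic training series."""

    def __init__(self, train, size=WINDOW):
        self.size = size
        self.mu = mean(train)
        self.sigma = pstdev(train)
        errs = [reconstruction_error(w) for w in windows(train, size)]
        self.recon_threshold = 4.0 * max(errs)  # assumption: 4x worst training error
        self.loss_floor = 0.2 * self.mu         # assumption: 20% of normal volume
        self.cusum_k = self.sigma / 2.0         # standard CUSUM slack (half a sigma)
        # Decision interval chosen so the training series itself never alarms.
        self.cusum_h = 2.0 * max(self._cusum_path(train)) + self.sigma

    def _cusum_path(self, series):
        """Two-sided CUSUM statistic per bin: accumulates small persistent
        deviations from mu that a variance-based score never sees."""
        s_hi = s_lo = 0.0
        path = []
        for x in series:
            s_hi = max(0.0, s_hi + (x - self.mu - self.cusum_k))
            s_lo = max(0.0, s_lo + (self.mu - x - self.cusum_k))
            path.append(max(s_hi, s_lo))
        return path

    def reconstruction_alarms(self, series):
        """Window indices whose reconstruction error exceeds the threshold."""
        return [i for i, w in enumerate(windows(series, self.size))
                if reconstruction_error(w) > self.recon_threshold]

    def signal_loss_alarms(self, series):
        """Window indices in which every bin sits below the volume floor."""
        return [i for i, w in enumerate(windows(series, self.size))
                if max(w) < self.loss_floor]

    def mean_shift_alarms(self, series):
        """Bin indices at which the CUSUM statistic crosses the decision interval."""
        return [i for i, s in enumerate(self._cusum_path(series)) if s > self.cusum_h]

    def detect(self, series):
        return {
            "reconstruction": self.reconstruction_alarms(series),
            "signal_loss": self.signal_loss_alarms(series),
            "mean_shift": self.mean_shift_alarms(series),
        }


def run_scenarios():
    """Calibrate on normal traffic, then score each constructed event separately."""
    det = HybridDetector(baseline_updates(60))
    return {
        "baseline": det.detect(baseline_updates(60)),
        "storm": det.detect(storm(10)),
        "signal_loss": det.detect(signal_loss(10)),
        "low_deviation": det.detect(low_deviation(30)),
    }


if __name__ == "__main__":
    for name, alarms in run_scenarios().items():
        status = "  ".join(f"{k}={'ALARM' if v else 'quiet'}" for k, v in alarms.items())
        print(f"{name:14s} {status}")
```

Run stand-alone, the storm trips the reconstruction detector, the all-zero outage leaves it silent (its error is literally 0.0, the "extreme stability" reading) while the signal-loss check and the downward CUSUM side both fire, and the +2 sigma level shift escapes the reconstruction score but is caught by the CUSUM. The detectors are scored on each event segment in isolation so that a large excursion in one segment does not carry CUSUM state into the next; a production deployment would instead reset or decay the statistic after an alarm.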
Samuel Oluwafemi Adebayo
Communication; Wireless communication
Samuel Oluwafemi Adebayo. The Blind Spot of BGP Anomaly Detection: Why LSTM Autoencoders Fail on Real-World Outages [EB/OL]. (2025-06-21) [2025-07-03]. https://arxiv.org/abs/2506.17821.