Investigating the nature of routing anomalies: Closing in on subprefix hijacking attacks