Security implication and detection of threats due to manipulating IPv6 extension headers

Use of IPv6 protocol is increasing due to lack of address space in IPv4 protocol. Along with increased address space, IPv6 also provides simplified header and additional functionality is put in the form of extension headers which can cause certain network threats, if misused. Network devices and ope...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:2013 Annual IEEE India Conference (INDICON) s. 1 - 6
Hlavní autoři: Mavani, Monali, Ragha, Leena
Médium: Konferenční příspěvek
Jazyk:angličtina
Vydáno: IEEE 01.12.2013
Témata:
Detectors
Extension Header
Flooding
Internet
IPv6
Operating systems
overlapped fragments
Protocols
Routing
Scapy
Security
Tiny fragmentsl
Vectors
ISSN:2325-940X
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:Use of IPv6 protocol is increasing due to lack of address space in IPv4 protocol. Along with increased address space, IPv6 also provides simplified header and additional functionality is put in the form of extension headers which can cause certain network threats, if misused. Network devices and operating systems are not at the matured stage to handle threats against IPv6 protocol. Reason being, not all network devices and operating system are fully RFC complaint. Even if they are, experience with IPv6 protocol is less, so there are possibilities of many unknown threats. This research investigates the threats due to misusing IPv6 destination option and fragmentation extension headers. Attacks addressed are fragmentation attack where upper layer protocol not present in first fragment i.e. tiny fragmentation attack, overlapping fragmentation attack, and flooding attack due to unknown option in destination option header. To verify these attacks, real test network set up is used. For each attack, detection logic is proposed and implemented in Linux environment using advanced shell scripting and C programming. To create packets with attack vectors Scapy - Python based packet manipulation tool is used. The proposed solution can run in host in order to detect these attacks and raise the alarm.
ISSN:2325-940X
DOI:10.1109/INDCON.2013.6726061