Flow-Based Detection of IPv6-specific Network Layer Attacks - Security of Networks and Services in an All-Connected World
Conference Papers Year : 2017

Flow-Based Detection of IPv6-specific Network Layer Attacks

Luuk Hendriks
  • Function : Author
  • PersonId : 995415
Petr Velan
  • Function : Author
  • PersonId : 1009097
Ricardo De O. Schmidt
  • Function : Author
  • PersonId : 1009105
Pieter-Tjerk De Boer
  • Function : Author
  • PersonId : 1004798
Aiko Pras
  • Function : Author
  • PersonId : 994064

Abstract

With a vastly different header format, IPv6 introduces new vulnerabilities not possible in IPv4, potentially requiring new detection algorithms. While many attacks specific to IPv6 have proven to be possible and are described in the literature, no detection solutions for these attacks have been proposed. In this study we identify and characterise IPv6-specific attacks that can be detected using flow monitoring. By constructing flow-based signatures, detection can be performed using available technologies such as NetFlow and IPFIX. To validate our approach, we implemented these signatures in a prototype, monitoring two production networks and injecting attacks into the production traffic.
Fichier principal
Vignette du fichier
452969_1_En_11_Chapter.pdf (245.76 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01806050 , version 1 (01-06-2018)

Licence

Identifiers

Cite

Luuk Hendriks, Petr Velan, Ricardo De O. Schmidt, Pieter-Tjerk De Boer, Aiko Pras. Flow-Based Detection of IPv6-specific Network Layer Attacks. 11th IFIP International Conference on Autonomous Infrastructure, Management and Security (AIMS), Jul 2017, Zurich, Switzerland. pp.137-142, ⟨10.1007/978-3-319-60774-0_11⟩. ⟨hal-01806050⟩
58 View
75 Download

Altmetric

Share

More