{"title":"IPv6 attack scenarios testbed","authors":"W. Ali, A. Taib, N. Hussin, J. Othman","doi":"10.1109/SHUSER.2012.6269008","DOIUrl":null,"url":null,"abstract":"Deploying IPv6 in the enterprise network will increase the security issues since some of IPv6 features bring vulnerabilities. Thus, mitigating them with appropriate security policy is vital. By having attack scenario testing, it will expose network administrators to the IPv6 potential attack. For example, Bad ACK-Reset attack is used by an attacker to reset a new connection after exploiting network. Also, Packet Fragmentation attack is capable to control over the packet fragmentation services yet can cause problems in security measurement. Hence, this paper tested Bad ACK-Reset and Packet Fragmentation attack scenarios for analysis. This paper used Scapy (2.0.1) to generate packets for testing. A testbed simulation has been designed by using Graphical Network Simulator 3 (GNS3). Several ip6tables rules and access control lists (ACLs) were implemented at the host and the router respectively to counter Bad ACK-Reset and Packet Fragmentation attack scenarios. Information gained from the testing will provide a clear understanding on IPv6 security issues and help to design a proper network security policy. The current results from the testing can be used for future research in generating the security policies. Thus, our further research will focus on modelling the created security policy for IPv6 deployment.","PeriodicalId":426671,"journal":{"name":"2012 IEEE Symposium on Humanities, Science and Engineering Research","volume":"18 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 IEEE Symposium on Humanities, Science and Engineering Research","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SHUSER.2012.6269008","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 7
Abstract
Deploying IPv6 in the enterprise network will increase the security issues since some of IPv6 features bring vulnerabilities. Thus, mitigating them with appropriate security policy is vital. By having attack scenario testing, it will expose network administrators to the IPv6 potential attack. For example, Bad ACK-Reset attack is used by an attacker to reset a new connection after exploiting network. Also, Packet Fragmentation attack is capable to control over the packet fragmentation services yet can cause problems in security measurement. Hence, this paper tested Bad ACK-Reset and Packet Fragmentation attack scenarios for analysis. This paper used Scapy (2.0.1) to generate packets for testing. A testbed simulation has been designed by using Graphical Network Simulator 3 (GNS3). Several ip6tables rules and access control lists (ACLs) were implemented at the host and the router respectively to counter Bad ACK-Reset and Packet Fragmentation attack scenarios. Information gained from the testing will provide a clear understanding on IPv6 security issues and help to design a proper network security policy. The current results from the testing can be used for future research in generating the security policies. Thus, our further research will focus on modelling the created security policy for IPv6 deployment.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
