{"title":"由于操纵IPv6扩展报头的安全含义和威胁检测","authors":"Monali Mavani, L. Ragha","doi":"10.1109/INDCON.2013.6726061","DOIUrl":null,"url":null,"abstract":"Use of IPv6 protocol is increasing due to lack of address space in IPv4 protocol. Along with increased address space, IPv6 also provides simplified header and additional functionality is put in the form of extension headers which can cause certain network threats, if misused. Network devices and operating systems are not at the matured stage to handle threats against IPv6 protocol. Reason being, not all network devices and operating system are fully RFC complaint. Even if they are, experience with IPv6 protocol is less, so there are possibilities of many unknown threats. This research investigates the threats due to misusing IPv6 destination option and fragmentation extension headers. Attacks addressed are fragmentation attack where upper layer protocol not present in first fragment i.e. tiny fragmentation attack, overlapping fragmentation attack, and flooding attack due to unknown option in destination option header. To verify these attacks, real test network set up is used. For each attack, detection logic is proposed and implemented in Linux environment using advanced shell scripting and C programming. To create packets with attack vectors Scapy - Python based packet manipulation tool is used. The proposed solution can run in host in order to detect these attacks and raise the alarm.","PeriodicalId":313185,"journal":{"name":"2013 Annual IEEE India Conference (INDICON)","volume":"400 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"Security implication and detection of threats due to manipulating IPv6 extension headers\",\"authors\":\"Monali Mavani, L. Ragha\",\"doi\":\"10.1109/INDCON.2013.6726061\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Use of IPv6 protocol is increasing due to lack of address space in IPv4 protocol. Along with increased address space, IPv6 also provides simplified header and additional functionality is put in the form of extension headers which can cause certain network threats, if misused. Network devices and operating systems are not at the matured stage to handle threats against IPv6 protocol. Reason being, not all network devices and operating system are fully RFC complaint. Even if they are, experience with IPv6 protocol is less, so there are possibilities of many unknown threats. This research investigates the threats due to misusing IPv6 destination option and fragmentation extension headers. Attacks addressed are fragmentation attack where upper layer protocol not present in first fragment i.e. tiny fragmentation attack, overlapping fragmentation attack, and flooding attack due to unknown option in destination option header. To verify these attacks, real test network set up is used. For each attack, detection logic is proposed and implemented in Linux environment using advanced shell scripting and C programming. To create packets with attack vectors Scapy - Python based packet manipulation tool is used. The proposed solution can run in host in order to detect these attacks and raise the alarm.\",\"PeriodicalId\":313185,\"journal\":{\"name\":\"2013 Annual IEEE India Conference (INDICON)\",\"volume\":\"400 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 Annual IEEE India Conference (INDICON)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/INDCON.2013.6726061\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 Annual IEEE India Conference (INDICON)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/INDCON.2013.6726061","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Security implication and detection of threats due to manipulating IPv6 extension headers
Use of IPv6 protocol is increasing due to lack of address space in IPv4 protocol. Along with increased address space, IPv6 also provides simplified header and additional functionality is put in the form of extension headers which can cause certain network threats, if misused. Network devices and operating systems are not at the matured stage to handle threats against IPv6 protocol. Reason being, not all network devices and operating system are fully RFC complaint. Even if they are, experience with IPv6 protocol is less, so there are possibilities of many unknown threats. This research investigates the threats due to misusing IPv6 destination option and fragmentation extension headers. Attacks addressed are fragmentation attack where upper layer protocol not present in first fragment i.e. tiny fragmentation attack, overlapping fragmentation attack, and flooding attack due to unknown option in destination option header. To verify these attacks, real test network set up is used. For each attack, detection logic is proposed and implemented in Linux environment using advanced shell scripting and C programming. To create packets with attack vectors Scapy - Python based packet manipulation tool is used. The proposed solution can run in host in order to detect these attacks and raise the alarm.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
