Flow-Based Detection of IPv6-specific Network Layer Attacks

Abstract : With a vastly different header format, IPv6 introduces new vulnerabilities not possible in IPv4, potentially requiring new detection algorithms. While many attacks specific to IPv6 have proven to be possible and are described in the literature, no detection solutions for these attacks have been proposed. In this study we identify and characterise IPv6-specific attacks that can be detected using flow monitoring. By constructing flow-based signatures, detection can be performed using available technologies such as NetFlow and IPFIX. To validate our approach, we implemented these signatures in a prototype, monitoring two production networks and injecting attacks into the production traffic.
Complete list of metadatas

Cited literature [2 references]  Display  Hide  Download

https://hal.inria.fr/hal-01806050
Contributor : Hal Ifip <>
Submitted on : Friday, June 1, 2018 - 4:00:39 PM
Last modification on : Friday, June 1, 2018 - 4:03:14 PM
Long-term archiving on : Wednesday, September 26, 2018 - 12:44:59 PM

File

 Restricted access
To satisfy the distribution rights of the publisher, the document is embargoed until : 2020-01-01

Please log in to resquest access to the document

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Luuk Hendriks, Petr Velan, Ricardo O. Schmidt, Pieter-Tjerk Boer, Aiko Pras. Flow-Based Detection of IPv6-specific Network Layer Attacks. 11th IFIP International Conference on Autonomous Infrastructure, Management and Security (AIMS), Jul 2017, Zurich, Switzerland. pp.137-142, ⟨10.1007/978-3-319-60774-0_11⟩. ⟨hal-01806050⟩

Share

Metrics

Record views

48