Detecting DOS/DDOS Attacks Under Ipv6



Jian Gao and Yingjun Chen

Abstract The new features introduced by IPv6, such as address auto-configuration, end-to-end connectivity, and mandatory support for security and mobility, pose a great challenge for the security of future networks based on IPv6. In this paper we mainly focus on the typical DoS/DDoS attacks under IPv6, which include TCP-Flood, UDP-Flood, ICMP-Flood and some other attacks based on IPv6 mechanisms. We analyze the features of IPv6 and the DoS/DDoS methods above, and propose a method to detect DoS/DDoS attacks that involve TCP-Flood, UDP-Flood, ICMP-Flood, the Duplicate Address Detection attack and routing-header-based attacks in an IPv6 environment.

Keywords IPv6 • DoS/DDoS • IPSec • TCP/IP

110.1 Introduction

With the development of the Internet, IPv6 is inevitably taking the place of IPv4 as the main protocol of the Internet. At the same time, IPv6 security issues are becoming a growing concern. Though IPSec support is mandatory in IPv6, a working IPSec infrastructure is difficult to deploy and manage [1–5]. The main reason behind this is the problem of key management. In this paper we mainly focus on the typical DoS/DDoS attacks under IPv6 and some possible solutions. DoS/DDoS attacks have become one of the most serious threats to the Internet. On the one hand, some DoS/DDoS attacks use classic attack methods, namely TCP-Flood, UDP-Flood and ICMP-Flood. On the other hand, there are attacks caused by new features of IPv6, including DoS attacks pertinent to the IPv6 Neighbor Discovery protocol and DDoS attacks based on the routing header [6–9].

J. Gao (*) • Y. Chen
Chinese People’s Public Security University, Beijing, China

S. Zhong (ed.), Proceedings of the 2012 International Conference on Cybernetics and Informatics, Lecture Notes in Electrical Engineering 163, DOI 10.1007/978-1-4614-3872-4_110, © Springer Science+Business Media New York 2014


The rest of the paper is organized as follows. In Sect. 110.2, we introduce the best-known possible DoS/DDoS attacks in an IPv6 environment. In Sect. 110.3, we describe a number of related works and our proposed system. Finally, the document is summarized with the features of IPv6 that require strengthening for security [10].

110.2 DoS/DDoS Attacks Under IPv6


110.2.1 TCP SYN Flood Attack

This attack makes use of the three-way handshake mechanism of the TCP protocol. The attacking node sends a series of SYN requests to the victim with a spoofed source address. The victim sends a SYN/ACK in response and waits some time for an ACK to come back to complete the session setup. But because of the fake source address, ther
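The half-open handshakes that Sect. 110.2.1 describes can be counted from the defender's side. The following is an added example, not code from the paper and not the authors' proposed detection method: it tracks SYNs that never receive the completing ACK. The record format, the sample packets (documentation prefix 2001:db8::/32), the 3-second timeout and the threshold of 100 are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample records: (time_s, src, dst, sport, dport, tcp_flags).
SERVER = "2001:db8:1::80"
PACKETS = [  # one legitimate client completing the three-way handshake
    (0.0, "2001:db8:2::10", SERVER, 40000, 80, "S"),
    (0.1, SERVER, "2001:db8:2::10", 80, 40000, "SA"),
    (0.2, "2001:db8:2::10", SERVER, 40000, 80, "A"),
]
# 200 SYNs from distinct sources that never send the final ACK (constructed)
PACKETS += [(1.0 + i * 0.01, f"2001:db8:ffff::{i:x}", SERVER, 1024 + i, 80, "S")
            for i in range(200)]


def half_open(packets, now, timeout=3.0):
    """Return {server: [client, ...]} for handshakes that saw a SYN but no
    completing ACK (or reset) and are at least `timeout` seconds old."""
    pending = {}  # (client, client_port, server, server_port) -> SYN time
    for ts, src, dst, sport, dport, flags in packets:
        key = (src, sport, dst, dport)
        if flags == "S":                          # step 1: client SYN
            pending.setdefault(key, ts)
        elif "R" in flags:                        # reset from either side
            pending.pop(key, None)
            pending.pop((dst, dport, src, sport), None)
        elif "A" in flags and "S" not in flags:   # step 3: client ACK
            pending.pop(key, None)
        # SYN/ACK from the server (step 2) leaves the entry pending
    stale = defaultdict(list)
    for (client, _, server, _), ts in pending.items():
        if now - ts >= timeout:
            stale[server].append(client)
    return stale


def syn_flood_suspects(packets, now, timeout=3.0, threshold=100):
    """Map each server with more than `threshold` stale half-open handshakes
    to (stale handshakes, distinct source addresses)."""
    return {server: (len(clients), len(set(clients)))
            for server, clients in half_open(packets, now, timeout).items()
            if len(clients) > threshold}


if __name__ == "__main__":
    print(syn_flood_suspects(PACKETS, now=10.0))
```

A high count of distinct sources relative to stale handshakes is consistent with the spoofed source addresses the section mentions; per-source rate limiting alone would not catch that pattern.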