Yıl: 2020 Cilt: 9 Sayı: 1 Sayfa Aralığı: 24 - 43 Metin Dili: İngilizce İndeks Tarihi: 05-10-2020

SLAAC Attack Detection Mechanism

Öz:
Attacks against Neighbour Discovery Protocol (NDP) is a major security issue in Internet Protocol Version 6 (IPv6). Itdemands security expert attention because the availability of attacking toolkits has amplified the risk of NDP attack in IPv6 network.Stateless Address Autoconfiguration (SLAAC) attack is a type of NDP attack exploited by attacker to launch MiTM and DoS attack.Researcher have proposed IPSec, Secure NDP (SeND), SAVI, RA-Guard, Trust-ND and other methods but have not been implementedwidely due to enormous resources requirement for cryptographic process and alteration of original NDP. This paper proposes a detectionmechanism named SADetection to detect SLAAC attack. SADetection incorporated enhanced ongoing packet verification andauthentication mechanism. SADetection has been implemented in testbed and has detected three (3) variants of SLAAC attack which areattack using ICMPv6 packet, using fragment packet and using packet with extension header. SADetection has been found to belightweight, platform-independence and interoperable. SADetection does not alter original NDP thus resource practical to SLAAC attack
Anahtar Kelime:

Belge Türü: Makale Makale Türü: Araştırma Makalesi Erişim Türü: Erişime Açık
  • [1] S. Deering and R. Hinden. RFC 8200 Internet Protocol, Version 6 (IPv6) Specification. RFC standard. Internet Engineering Task Force (IETF). http://www.ietf.org/rfc/rfc8200.txt, 2017.
  • [2] T. Narten, E. Nordmark, W. Simpson and H. Soliman. RFC 4861 Neighbor Discovery for IP version 6 (IPv6). RFC standard. Internet Engineering Task Force (IETF). http://www.ietf.org/rfc/rfc4861.txt, 2007.
  • [3] S. Thomson, T. Narten and T. Jinmei. RFC 4862 IPv6 Stateless Address Autoconfiguration. RFC standard. Internet Engineering Task Force (IETF). http://www.ietf.org/rfc/rfc4862.txt, 2007.
  • [4] A. Cooper, F. Gont, and D. Thaler. RFC 7721 Security and Privacy Considerations for IPv6 Address Generation Mechanisms. RFC standard. Internet Engineering Task Force (IETF). http://www.ietf.org/rfc/rfc7721.txt, 2016.
  • [5] P. Nikander, J. Kempf and E. Nordmark. RFC 3756 IPv6 Neighbor Discovery (ND) Trust Models and Threats. RFC standard. Internet Engineering Task Force (IETF). http://www.ietf.org/rfc/rfc3756.txt, 2004.
  • [6] S. U. Rehman and S. Manickam. “Improved Mechanism to Prevent Denial of Service Attack in IPv6 Duplicate Address Detection Process”. International Journal of Advanced Computer Science and Applications (IJACSA), Vol. 8, No. 2, 2017.
  • [7] S. Praptodiyono, R. K. Murugesan, I. H. Hasbullah, C. Y. Wey, M. M. Kadhum and A. Osman. “Security Mechanism for IPv6 Stateless Address Autoconfiguration”. International Conference on Automation, Cognitive Science, Optics, Micro Electro- Mechanical System, and Information Technology (ICACOMIT), pp. 31-36, 2015.
  • [8] H. Rafiee and C. Meinel. “SSAS: A simple secure addressing scheme for IPv6 autoconfiguration”. Eleventh Annual Conference on Privacy, Security and Trust, pp. 275-282, 2013.
  • [9] D. McPherson, F. Baker and J. Halpern. RFC 6959 Source Address Validation Improvement (SAVI) Threat Scope. RFC standard. Internet Engineering Task Force (IETF). http://www.ietf.org/rfc/rfc6959.txt, 2013.
  • [10] J. Zhang, J. Liu, Z. Xu, J. Li and X. Ye. “TRDP: a Trusted Router Discovery Protocol”. International Symposium on Communications and Information Technologies, pp 660-665, 2007.
  • [11] E. J. Arkko, J. Kempf, B. Zill, and P. Nikander. RFC 3971 SEcure Neighbor Discovery (SeND). RFC standard. Internet Engineering Task Force (IETF). http://www.ietf.org/rfc/rfc3971.txt, 2005.
  • [12] F. Gont. RFC 7113 Implementation Advice for IPv6 Router Advertisement Guard (RA-Guard). RFC standard. Internet Engineering Task Force (IETF). http://www.ietf.org/rfc/rfc7113.txt, 2014.
  • [13] F. Gont. RFC 6980 Security Implications of IPv6 Fragmentation with IPv6 Neighbor Discovery. RFC standard. Internet Engineering Task Force (IETF). http://www.ietf.org/rfc/rfc6980.txt, 2013.
  • [14] S. I. Shah, M. Anbar, A. Al-Ani and A. Al-Ani. “Hybridizing Entropy Based Mechanism with Adaptive Threshold Algorithm to Detect RA Flooding Attack in IPv6 Networks”. International Conference on Computational Science and Technology 2018 (ICCST2018), 2019.
  • [15] S. A. Abdullah. “SEUI-64 bits an IPv6 Addressing Strategy to Mitigate Reconnaissance Attacks”. Engineering Science and Technology, an International Journal, Volume 22, Issue 2, pp 667-672, 2018.
  • [16] S. Y. Massamba and S. A. R. R. Cheikh. “Securisation of an IPv6 Address Obtaining with SLAAC in Home Networks”. OALib. 05, pp 1-12, 2018.
  • [17] Y. Lu, M. Wang and P. Huang. “An SDN-Based Authentication Mechanism for Securing Neighbor Discovery Protocol in IPv6”. Security and Communication Networks, pp 1-9, 2017.
  • [18] M. Schutte. IPv6 Plugin for the Snort Intrusion Detection System. Technical report. IPv6 Intrusion Detection System. http://www.idsv6.de, 2014.
  • [19] J. N. Goel and B. Mehtre. “Dynamic IPv6 Activation Based Defense for IPv6 router advertisement flooding (DoS) attack”. IEEE International Conference on Computational Intelligence and Computing Research, pp. 1-5, 2014.
  • [20] F. A. Barbhuiya, S. Biswas and S. Nandi. “Detection of Neighbor Solicitation and Advertisement Spoofing in IPv6 Neighbor Discovery Protocol”. The 4th international conference on Security of information and networks (SIN '11), pp 111-118, 2011.
  • [21] G. Bansal, N. Kumar, S. Nandi and S. Biswas. “Detection of NDP Based Attacks Using MLD”. The 5th International Conference on Security of Information and Networks (SIN '12), pp 163-167, 2012.
  • [22] E. Levy-Abegnoli, G. Van de Velde, C. Popoviciu and J. Mohacsi. RFC 6105 IPv6 Router Advertisement Guard. RFC standard. Internet Engineering Task Force (IETF). http://www.ietf.org/rfc/rfc6105.txt, 2011.
  • [23] K. Scarfone and P. Mell. Guide to Intrusion Detection and Prevention Systems (IDPS). Technical report. The National Institute of Standards and Technology (NIST). https://www.nist.gov/publications/guide-intrusiondetection- and-prevention-systems-idps, 2007.
APA Omar N, Manickam S (2020). SLAAC Attack Detection Mechanism. , 24 - 43.
Chicago Omar Nazrool,Manickam Selvakumar SLAAC Attack Detection Mechanism. (2020): 24 - 43.
MLA Omar Nazrool,Manickam Selvakumar SLAAC Attack Detection Mechanism. , 2020, ss.24 - 43.
AMA Omar N,Manickam S SLAAC Attack Detection Mechanism. . 2020; 24 - 43.
Vancouver Omar N,Manickam S SLAAC Attack Detection Mechanism. . 2020; 24 - 43.
IEEE Omar N,Manickam S "SLAAC Attack Detection Mechanism." , ss.24 - 43, 2020.
ISNAD Omar, Nazrool - Manickam, Selvakumar. "SLAAC Attack Detection Mechanism". (2020), 24-43.
APA Omar N, Manickam S (2020). SLAAC Attack Detection Mechanism. INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE, 9(1), 24 - 43.
Chicago Omar Nazrool,Manickam Selvakumar SLAAC Attack Detection Mechanism. INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE 9, no.1 (2020): 24 - 43.
MLA Omar Nazrool,Manickam Selvakumar SLAAC Attack Detection Mechanism. INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE, vol.9, no.1, 2020, ss.24 - 43.
AMA Omar N,Manickam S SLAAC Attack Detection Mechanism. INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE. 2020; 9(1): 24 - 43.
Vancouver Omar N,Manickam S SLAAC Attack Detection Mechanism. INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE. 2020; 9(1): 24 - 43.
IEEE Omar N,Manickam S "SLAAC Attack Detection Mechanism." INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE, 9, ss.24 - 43, 2020.
ISNAD Omar, Nazrool - Manickam, Selvakumar. "SLAAC Attack Detection Mechanism". INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE 9/1 (2020), 24-43.