Informace o publikaci
Flow-Based Detection of IPv6-specific Network Layer Attacks
| Autoři | |
|---|---|
| Rok publikování | 2017 |
| Druh | Článek ve sborníku |
| Konference | AIMS 2017 - 11th IFIP WG 6.6 International Conference on Autonomous Infrastructure, Management, and Security |
| Citace | |
| Doi | http://dx.doi.org/10.1007/978-3-319-60774-0_11 |
| Přiložené soubory | |
| Popis | With a vastly different header format, IPv6 introduces new vulnerabilities not possible in IPv4, potentially requiring new detection algorithms. While many attacks specific to IPv6 have proven to be possible and are described in the literature, no detection solutions for these attacks have been proposed. In this study we identify and characterise IPv6-specific attacks that can be detected using flow monitoring. By constructing flow-based signatures, detection can be performed using available technologies such as NetFlow and IPFIX. To validate our approach, we implemented these signatures in a prototype, monitoring two production networks and injecting attacks into the production traffic. |