Presentation is loading. Please wait.

Presentation is loading. Please wait.

Possible Attacks based on IPv6 Features and Its Detection

Published byAubrey Webb Modified over 4 years ago

Similar presentations

Presentation on theme: "Possible Attacks based on IPv6 Features and Its Detection"— Presentation transcript:

1 Possible Attacks based on IPv6 Features and Its Detection
Zhaowen Lin Presented by: Xiaohong Huang Beijing University of Posts and Telecommunications 2007 APAN Meeting Xi’an, 27/08/2007 2019/10/12

2 Outline 1 2 3 4 5 BACKGROUND TAXONOMY OF ATTACKS NDP DETECTOR
TESTING AND RESULTS 4 CONCLUSION 5

3 Background Following the current IPv4 address assignment model and trend, the lifespan of IPv4 could still last for some years, but, the IPv6 is the future The research, development and deployment of IPv6 is inevitable trend in the world

4 Background IPv6 in wireless environments Security problems
Wireless LANs at airports, hotels and cafes, etc. Security problems It is fairly easy to set up a phony WLAN base station, leading to various kinds of access stealing, Scan, DoS, and man-in-middle attacks. More attentions are needed on this point.

5 Contribution of the paper
This paper aims to solve the possible attacks pertinent to current IPv6 Neighbor Discovery Protocol (NDP). One NDP Detector is proposed to avoid untrustworthy nodes to launch various kinds of attacks.

6 TAXONOMY OF ATTACKS Scan Attack MitM (man-in-the-middle ) Attack
DoS (Deny of Service) Attack

7 Scan Attack

8 MitM Attack

9 DoS Attacks DoS (Deny of Service) Attack Bogus On-Link Prefix
Bogus Address Configuration Prefix DAD Spoofing Bogus Address DoS Attack Parameter Spoofing Smurf6 Attack PMTU Attack

10 Smurf6 Attack

11 NDP DETECTOR

12 TESTING AND RESULTS As we discussed above, there are several types of attacks based on IPv6 features. We designed and implemented an IPv6 attack tool and a detector. In this section, they are used to launch attacks and do the detection. The tests are carried on the BUPT NOC of CERNET2, including scan attacks, DoS attacks and MitM attacks. The results are showed in Table .

13 CONCLUSION Possible attacks pertinent to current IPv6 Neighbor Discovery Protocol are introduced. One detector is developed to detect possible attacks. Results show that the attack methods are feasible and the detection logics are effective. Due to the fact that Secure Neighbor Discovery (SEND) forwarded by IETF SEND Group is too complex to be applied to actual network, our detection methods will be an efficient method to low the damages to a certainty.

14 Thank You !   返回

Download ppt "Possible Attacks based on IPv6 Features and Its Detection"

Similar presentations

A CGA based Source Address Authentication Method in IPv6 Access Network(CSA) Guang Yao, Jun Bi and Pingping Lin Tsinghua University APAN26 Queenstown,

A CGA based Source Address Authentication Method in IPv6 Access Network(CSA) Guang Yao, Jun Bi and Pingping Lin Tsinghua University APAN26 Queenstown,
1 Mobile IPv6-Based Ad Hoc Networks: Its Development and Application Advisor: Dr. Kai-Wei Ke Speaker: Wei-Ying Huang.

1 Mobile IPv6-Based Ad Hoc Networks: Its Development and Application Advisor: Dr. Kai-Wei Ke Speaker: Wei-Ying Huang.
Dynamic Tunnel Management Protocol for IPv4 Traversal of IPv6 Mobile Network Jaehoon Jeong Protocol Engineering Center, ETRI

Dynamic Tunnel Management Protocol for IPv4 Traversal of IPv6 Mobile Network Jaehoon Jeong Protocol Engineering Center, ETRI
Understanding IPv6 Slide: 1 Lesson 1 Introduction to IPv6.

Understanding IPv6 Slide: 1 Lesson 1 Introduction to IPv6.
IP over ETH over IEEE802.16 draft-riegel-16ng-ip-over-eth-over-80216-01 Max Riegel

IP over ETH over IEEE draft-riegel-16ng-ip-over-eth-over Max Riegel
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
How to Design Wireless Security Mechanisms Manel Guerrero Zapata Mobile Networks Laboratory Nokia Research Center.

How to Design Wireless Security Mechanisms Manel Guerrero Zapata Mobile Networks Laboratory Nokia Research Center.
© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 4: Naming and addressing.

© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 4: Naming and addressing.
© Mobile Platform Laboratory | SAMSUNG Electronics IPv6 DAD Optimization Goals and Requirements Soohong Daniel Park / Youn-Hee Han / Greg Daley

© Mobile Platform Laboratory | SAMSUNG Electronics IPv6 DAD Optimization Goals and Requirements Soohong Daniel Park / Youn-Hee Han / Greg Daley
SUMP: A Secure Unicast Messaging Protocol for Wireless Ad Hoc Sensor Networks Jeff Janies, Chin-Tser Huang, Nathan L. Johnson.

SUMP: A Secure Unicast Messaging Protocol for Wireless Ad Hoc Sensor Networks Jeff Janies, Chin-Tser Huang, Nathan L. Johnson.
A Study of Mobile IP Kunal Ganguly Wichita State University CS843 – Distributed Computing.

A Study of Mobile IP Kunal Ganguly Wichita State University CS843 – Distributed Computing.
Hidden Terminal based Attack, Diagnosis and Detection Yao Zhao, Leo Zhao, Yan Chen Lab for Internet & Security Tech, Northwestern Univ.

Hidden Terminal based Attack, Diagnosis and Detection Yao Zhao, Leo Zhao, Yan Chen Lab for Internet & Security Tech, Northwestern Univ.
PaC with unspecified IP address. Requirements Assigning an IP address to the client is outside the scope of PANA. PANA protocol design MAY require the.

PaC with unspecified IP address. Requirements Assigning an IP address to the client is outside the scope of PANA. PANA protocol design MAY require the.
Summary of Certification Process (part 1). IPv6 Client IPv6 packets inside IPv4 packets.

Summary of Certification Process (part 1). IPv6 Client IPv6 packets inside IPv4 packets.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Wireless Router LAN Switching and Wireless – Chapter 7.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Wireless Router LAN Switching and Wireless – Chapter 7.
IPv6 Home Networking Architecture - update IETF homenet WG Interim meeting Philadelphia, 6 th Oct 2011 draft-chown-homenet-arch-00.

IPv6 Home Networking Architecture - update IETF homenet WG Interim meeting Philadelphia, 6 th Oct 2011 draft-chown-homenet-arch-00.
Secure Cell Relay Routing Protocol for Sensor Networks Xiaojiang Du, Fengiing Lin Department of Computer Science North Dakota State University 24th IEEE.

Secure Cell Relay Routing Protocol for Sensor Networks Xiaojiang Du, Fengiing Lin Department of Computer Science North Dakota State University 24th IEEE.
1 Adaptive QoS Framework for Wireless Sensor Networks Lucy He Honeywell Technology & Solutions Lab No. 430 Guo Li Bin Road, Pudong New Area, Shanghai,

1 Adaptive QoS Framework for Wireless Sensor Networks Lucy He Honeywell Technology & Solutions Lab No. 430 Guo Li Bin Road, Pudong New Area, Shanghai,
Weaponizing Wireless Networks: An Attack Tool for Launching Attacks against Sensor Networks Thanassis Giannetsos Tassos Dimitriou Neeli R. Prasad.

Weaponizing Wireless Networks: An Attack Tool for Launching Attacks against Sensor Networks Thanassis Giannetsos Tassos Dimitriou Neeli R. Prasad.
Fault-Tolerant Design for Mobile IPv6 Networks Jenn-Wei Lin and Ming-Feng Yang Graduate Institute of Applied Science and Engineering Fu Jen Catholic University.

Fault-Tolerant Design for Mobile IPv6 Networks Jenn-Wei Lin and Ming-Feng Yang Graduate Institute of Applied Science and Engineering Fu Jen Catholic University.

Similar presentations

Ads by Google