TY - GEN
T1 - Flow-based detection of IPv6-specific network layer attacks
AU - Hendriks, Luuk
AU - Velan, Petr
AU - de O. Schmidt, Ricardo
AU - de Boer, Pieter-Tjerk
AU - Pras, Aiko
N1 - Conference code: 11
PY - 2017
Y1 - 2017
N2 - With a vastly different header format, IPv6 introduces new vulnerabilities not possible in IPv4, potentially requiring new detection algorithms. While many attacks specific to IPv6 have proven to be possible and are described in the literature, no detection solutions for these attacks have been proposed. In this study we identify and characterise IPv6-specific attacks that can be detected using flow monitoring. By constructing flow-based signatures, detection can be performed using available technologies such as NetFlow and IPFIX. To validate our approach, we implemented these signatures in a prototype, monitoring two production networks and injecting attacks into the production traffic.
AB - With a vastly different header format, IPv6 introduces new vulnerabilities not possible in IPv4, potentially requiring new detection algorithms. While many attacks specific to IPv6 have proven to be possible and are described in the literature, no detection solutions for these attacks have been proposed. In this study we identify and characterise IPv6-specific attacks that can be detected using flow monitoring. By constructing flow-based signatures, detection can be performed using available technologies such as NetFlow and IPFIX. To validate our approach, we implemented these signatures in a prototype, monitoring two production networks and injecting attacks into the production traffic.
UR - http://www.scopus.com/inward/record.url?scp=85025133530&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-60774-0_11
DO - 10.1007/978-3-319-60774-0_11
M3 - Conference contribution
AN - SCOPUS:85025133530
SN - 978-3-319-60773-3
T3 - Lecture Notes in Computer Science
SP - 137
EP - 142
BT - Security of Networks and Services in an All-Connected World
A2 - Tuncer, Daphne
A2 - Koch, Robert
A2 - Badonne, Rémi
A2 - Stiller, Burkhard
PB - Springer
CY - Cham
T2 - 11th IFIP WG 6.6 International Conference on Autonomous Infrastructure, Management, and Security, AIMS 2017
Y2 - 10 July 2017 through 13 July 2017
ER -