SLAAC Attack Detection Mechanism
Abstract
The discovery of SLAAC attack has increased security threats in IPv6 network. SLAAC attacks is proliferated by the availability of attacking toolkits. Security safeguard must be deployed to detect and eliminate SLAAC attacks. Security safeguards such as IPSec, Secure NDP SeND , Trust-ND and other methods have not been widely implemented due to high processing power requirement for cryptographic process and alteration of original Neighbor Discovery Protocol NDP . Detection mechanism is more practical because does not modify original NDP, can be enhanced with specific capability and uses less intensive processing power. This paper proposes SLAAC attacks detection mechanism using ongoing packet verification and authentication. The detection mechanism not only detect SLAAC attack launched using ICMPv6 type 134 packet but also able to SLAAC attacks launched using packet with fragment and extension header without modification of original NDP.
Keywords
References
- [1] S. Deering and R. Hinden. RFC 8200 Internet Protocol, Version 6 (IPv6) Specification. RFC standard. Internet Engineering Task Force (IETF). http://www.ietf.org/rfc/rfc8200.txt, 2017.
- [2] T. Narten, E. Nordmark, W. Simpson and H. Soliman. RFC 4861 Neighbor Discovery for IP version 6 (IPv6). RFC standard. Internet Engineering Task Force (IETF). http://www.ietf.org/rfc/rfc4861.txt, 2007.
- [3] S. Thomson, T. Narten and T. Jinmei. RFC 4862 IPv6 Stateless Address Autoconfiguration. RFC standard. Internet Engineering Task Force (IETF). http://www.ietf.org/rfc/rfc4862.txt, 2007.
- [4] A. Cooper, F. Gont, and D. Thaler. RFC 7721 Security and Privacy Considerations for IPv6 Address Generation Mechanisms. RFC standard. Internet Engineering Task Force (IETF). http://www.ietf.org/rfc/rfc7721.txt, 2016.
- [5] P. Nikander, J. Kempf and E. Nordmark. RFC 3756 IPv6 Neighbor Discovery (ND) Trust Models and Threats. RFC standard. Internet Engineering Task Force (IETF). http://www.ietf.org/rfc/rfc3756.txt, 2004.
- [6] S. U. Rehman and S. Manickam. “Improved Mechanism to Prevent Denial of Service Attack in IPv6 Duplicate Address Detection Process”. International Journal of Advanced Computer Science and Applications (IJACSA), Vol. 8, No. 2, 2017.
- [7] S. Praptodiyono, R. K. Murugesan, I. H. Hasbullah, C. Y. Wey, M. M. Kadhum and A. Osman. “Security Mechanism for IPv6 Stateless Address Autoconfiguration”. International Conference on Automation, Cognitive Science, Optics, Micro ElectroMechanical System, and Information Technology (ICACOMIT), pp. 31-36, 2015.
- [8] H. Rafiee and C. Meinel. “SSAS: A simple secure addressing scheme for IPv6 autoconfiguration”.Eleventh Annual Conference on Privacy, Security and Trust, pp. 275-282, 2013.
Details
Primary Language
English
Subjects
-
Journal Section
-
Publication Date
March 1, 2020
Submission Date
-
Acceptance Date
-
Published in Issue
Year 2020 Volume: 9 Number: 1
APA
Omar, N. B., & Manickam, S. (2020). SLAAC Attack Detection Mechanism. International Journal of Information Security Science, 9(1), 24-43. https://izlik.org/JA56HF68TY
AMA
1.Omar NB, Manickam S. SLAAC Attack Detection Mechanism. IJISS. 2020;9(1):24-43. https://izlik.org/JA56HF68TY
Chicago
Omar, Nazrool Bin, and Selvakumar Manickam. 2020. “SLAAC Attack Detection Mechanism”. International Journal of Information Security Science 9 (1): 24-43. https://izlik.org/JA56HF68TY.
EndNote
Omar NB, Manickam S (March 1, 2020) SLAAC Attack Detection Mechanism. International Journal of Information Security Science 9 1 24–43.
IEEE
[1]N. B. Omar and S. Manickam, “SLAAC Attack Detection Mechanism”, IJISS, vol. 9, no. 1, pp. 24–43, Mar. 2020, [Online]. Available: https://izlik.org/JA56HF68TY
ISNAD
Omar, Nazrool Bin - Manickam, Selvakumar. “SLAAC Attack Detection Mechanism”. International Journal of Information Security Science 9/1 (March 1, 2020): 24-43. https://izlik.org/JA56HF68TY.
JAMA
1.Omar NB, Manickam S. SLAAC Attack Detection Mechanism. IJISS. 2020;9:24–43.
MLA
Omar, Nazrool Bin, and Selvakumar Manickam. “SLAAC Attack Detection Mechanism”. International Journal of Information Security Science, vol. 9, no. 1, Mar. 2020, pp. 24-43, https://izlik.org/JA56HF68TY.
Vancouver
1.Nazrool Bin Omar, Selvakumar Manickam. SLAAC Attack Detection Mechanism. IJISS [Internet]. 2020 Mar. 1;9(1):24-43. Available from: https://izlik.org/JA56HF68TY