Abstract
The new features introduced such as Auto-address configuration, End to End connectivity, mandatory support for security and mobility pose a great challenge on security for future networks based on IPv6. In this paper we mainly focus on the typical DoS/DDoS attacks under IPv6, which include TCP-Flood, UDP-Flood, ICMP-Flood and some other attacks based on IPv6 mechanism. We analysis the features of IPv6 and the DoS/DDoS methods above, and proposes a method to detect DoS/DDos attacks that involve TCP-Flood, UDP-Flood, ICMP-Flood, Duplicate Address Detection attack and based on routing header attacks under IPv6 environment.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Deering S, Hinden R (1998) Internet protocol, Version6 (IPv6) specification, RFC2460, 42:19–21
Conta A, Deering S (1998) Internet control message protocol (ICMPv6) for the Internet protocol Version 6 (IPv6) specification, RFC2463, Internet Engineering Task Force, December
Narten T, Nordmark E, Simpson W (1998) Neighbor discovery for IP Version 6 (IPv6), RFC2641, Internet Engineering Task Force, December
Thomson S, Narten T (1998) IPv6 stateless address auto configuration, RFC2462, Internet Engineering Task Force, December
Kent S, Atkinson R (1998) IP authentication header, RFC 2402, Internet Engineering Task Force, November
Kent S, Atkinson R (1998) IP encapsulating security payload (ESP), RFC 2406, Internet Engineering Task Force, November
Jae-Deok Lim, Young-Ho Kim, Ki-Young Kim (2006) Packet filter algorithm to prevent the security hole of routing header in IPv6. SICE-ICASE international joint conference
**nyu Yang, Ting Ma, Yi Shi (2007) Typical DoS/DDoS threats under IPv6. In: Proceedings of the international multi-conference on computing in the Global Information Technology
Sean Convery, Darrin Miller (2004) IPv6 and IPv4 threat comparison and best-practice evaluation (v1.0). Presentation at the 17th NANOG, 24 May 2004
Mirkovic J, Reiher P (2005) D-WARD: a source-end defense against flooding denial-of-service attacks. IEEE Trans Depend Secure Comput 2:216–232
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer Science+Business Media New York
About this paper
Cite this paper
Gao, J., Chen, Y. (2014). Detecting DOS/DDOS Attacks Under Ipv6. In: Zhong, S. (eds) Proceedings of the 2012 International Conference on Cybernetics and Informatics. Lecture Notes in Electrical Engineering, vol 163. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-3872-4_110
Download citation
DOI: https://doi.org/10.1007/978-1-4614-3872-4_110
Published:
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4614-3871-7
Online ISBN: 978-1-4614-3872-4
eBook Packages: EngineeringEngineering (R0)