Fig 3 - uploaded by Shubair Abdulla
Content may be subject to copyright.
Source publication
It has been widely assumed by the research community that the network reconnaissance attacks in IPv6 networks are unfeasible because they would take tremendous effort to perform address scanning of 2⁶⁴ hosts in an IPv6 subnet. However, recent research has revealed feasibility of these attacks by investigating a number of native IPv6 networks. The r...
Context in source publication
Context 1
... to the specific vender or manufacturer for the interface's device. To assure the uniqueness, the OUI is assigned globally by the IEEE to venders. For example ''00:00:0A" is owned by Omron and ''CC:46:D6" is owned by Cisco Systems Inc. A unique interface identifier, which is 3 bytes long, is appended to OUI bytes to form a 6 bytes MAC address. Fig. 3 shows an example of interface MAC address associated with device manufactured by ...
Similar publications
In terms of heterogeneous devices and sensors, man and machine collaborate seamlessly, giving birth to the Internet of People, Internet of Things, and Internet of the Future. Within a short period, 30 billion intelligent devices in the form of smart applications will get connected to make an individual's life smoother, more comfortable, faster and...
Citations
... To limit address-based network activity scanning, an extension of the SLAAC base time and a location-based dynamic IID generation scheme have also been developed [28,29]. In SEUI-64, the author explains the strategy for creating an IPv6 address that can overcome reconnaissance attacks [17]. The cryptographically generated address (CGA) method uses hash functions to create a secure IPv6 address and mitigate attacks during the addressing process [30]. ...
... The unbiased evaluation of the models is applied using the Bot-IoT dataset [18] • Reconnaissance_Service_Scan: the attack consists of an address analysis to find out the weaknesses of the active services in a network of hosts. Intruders often perform address study in the first phase, then carry out cyberattacks such as DoS and progress to devastating attacks such as DDoS attacks [46]. ...
One of the fields where Artificial Intelligence (AI) must continue to innovate is computer security. The integration of Wireless Sensor Networks (WSN) with the Internet of Things (IoT) creates ecosystems of attractive surfaces for security intrusions, being vulnerable to multiple and simultaneous attacks. This research evaluates the performance of supervised ML techniques for detecting intrusions based on network traffic captures. This work presents a new balanced dataset (IDSAI) with intrusions generated in attack environments in a real scenario. This new dataset has been provided in order to contrast model generalization from different datasets. The results show that for the detection of intruders, the best supervised algorithms are XGBoost, Gradient Boosting, Decision Tree, Random Forest, and Extra Trees, which can generate predictions when trained and predicted with ten specific intrusions (such as ARP spoofing, ICMP echo request Flood, TCP Null, and others), both of binary form (intrusion and non-intrusion) with up to 94% of accuracy, as multiclass form (ten different intrusions and non-intrusion) with up to 92% of accuracy. In contrast, up to 90% of accuracy is achieved for prediction on the Bot-IoT dataset using models trained with the IDSAI dataset.
... Address auto-configuration is the new feature in IPv6 addressing, which supports both stateless and stateful addressing to automatically configure host addresses. In SLAAC, IPv6 host automatically configures its link local and global IPv6 address via random assignment by using specific algorithm or by using EUI-64/SEUI-64 address format [50] to define the IPv6 suffix, while prefixes are advertised by local routers. IPv6 supports same concept of IPv4 to use DHCP as a stateful addressing. ...
This paper presents the features and benefits of legacy IPv4 network migration towards major two latest networking paradigms viz. Internet protocol version 6 (IPv6) and the software-defined networking (SDN). These latest networking paradigms are the enabler of future generation networking so that the standards and requirements of fifth generation (5G) wireless networking can be achieved. Features and migration approaches of IPv6 and SDN will be separately discussed, then a joint migration approach of SDN and IPv6 network termed as SoDIP6 network migration will be presented, and the integration of SoDIP6 network as a backbone of 5G network will be introduced.
... Address auto-configuration is the new feature in IPv6 addressing, which supports both stateless and stateful addressing to automatically configure host addresses. In stateless address auto-configuration, IPv6 host automatically configures its link local and global IPv6 address via random assignment by using specific algorithm or by using EUI-64/SEUI-64 address format [98] to define the IPv6 suffix, while prefixes are advertised by local routers. IPv6 supports same concept of IPv4 to use DHCP as a stateful addressing. ...
SDN and IPv6 networks are the latest networking paradigms emerged to avoid all the control, management, and operation complexities with issues of routing and security in legacy IPv4 networking system. But the lack of backward compatibility with IPv6 and SDN creates many challenges for service providers to migrate their legacy networking infrastructure into such latest generation networking paradigms.
The adaptation of IPv6 addressing World-wide (just crossing 27% World-wide) is still not in a satisfactory level. Similarly, SDN implementation in the service provider networks is still in the early stages. In this regard, being underlying network layer paradigms, SDN and IPv6 joint network migration under the framework of Software-Defined IPv6 (SoDIP6) network is introduced. SoDIP6 network is an IPv6 capable network fully controlled/managed by SDN controller.
Present research considered IP routers migration in the ISPs/Telcos network and implemented adaptive neuro fuzzy inference system (ANFIS) to identify router status, whether it is upgradable or replaceable. ANFIS outperforms well as compared with other recent classification algorithms viz. linear regression, support vector machine (SVM), SVM optimizable, ensemble tree etc. Additionally, the joint migration analysis and modeling of SDN and IPv6 network optimized the total migration cost. For joint migration modeling, the cost metrics of individual and joint network migration to SDN and IPv6 are identified; then the joint migration problem is formulated with customer priority based on service level agreement (SLA) and implemented a greedy algorithm to migrate routers in the shortest path. Shared cost coefficient(MU) and the strength of correlation (SIGMA) as optimization variables are introduced for SDN and IPv6 joint migration cost optimization. A joint migration cost optimization of up to 42.57% at µ = 2 and � = 0.8 has been achieved.
Migration of one ISP affects the business process of another interconnecting ISPs. Hence, an evolutionary approach for Tier-3 multi-ISP network migration has been simulated by following Moran’s birth-death process for finite number of interconnected ISPs. Adaptation variable (σ4t) and strength of migration (δ4t) are introduced for decision making of an ISP to evaluate fitness for migration. The increasing value of σ4t in the consequent previous phases of migration and δ4t ≥ 0.6 is considered to decide for network migration implementation with higher utilities.
The functionality of legacy network interoperability with SoDIP6 network is evaluated using open network operating system (ONOS) controller and SDN-IP application in which longest span shortest path (LSSP) routers are migrated using breadth first router replacement (BFR) approach and the suitable placement of controller is identified using minimum control path latency (MCPL) between switch and the controller communication.
SoDIP6 network contributes to service provider sustainability with operational and capital expenditure reduction with significant saving in energy consumption. Energy efficiency of SoDIP6 network is evaluated using smart sleeping and dynamic adaptation of traffic volume in the link via simulation. For an end-access ISP network, 31.50% energy saving in switches and 55.44% energy saving in links of SoDIP6 network have been achieved as compared with legacy IPv4 network. A discussion on energy optimization and CO2 emission reduction practices with SoDIP6 network are provided with recommended sustainable solution using SoDIP6 network in the early stages of nationwide broadband network expansion in the context of Nepal.
... The Internet has advanced to be one of the humanity's biggest designing structures. The basic conventions which constitute the Internet arrange have needed to scale to the measurements of the present framework, and the decent variety of utilizations and physical layers (Abdullah et al. 2019). The way that the Internet works, regardless of the fast development and change, is an enormous tribute to the internet protocol (IP). ...
IPv6 is another form of the inter networking convention intended to address the inadequacies of the present standard, IPv4. The deliver space is restricted to just 32-bits in IPv4 though IPv6 has 128-bits deliver not withstanding versatility requirement and system layer security. The principle issue is that IPv4 and IPv6 are not good at directly. Along with comprising lines, plans and structures to one standard can’t express with those meant for the other. The lookup issue of IPv6 change enables the clients to service their hosts to IPv6, and the system administrators to send IPv6 in switches, with next to no coordination between the two. In the meantime, it has to rely on address translation mechanisms which facilitate communication between IPv4/IPv6 networks since migration from IPv4 to IPv6 cannot take place all of a sudden. Various lookup problem change tools have been produced to address interoperability of IPv4 and IPv6 systems and frameworks. Be that as it may, none of the current devices address basic issues like the noninvasive movement of basic heritage IPv4-just frameworks to IPv6, and operation of IPv4-just frameworks on IPv6-just center systems. This work exhibits an answer for these IP lookup issues. This paper address the problem of IPv6 address lookup problem and present a routing algorithm for both IPv4 and IPv6 machines which uses address prefix matching algorithm. The proposed method improves the performance of address lookup and reduces the latency as well.
... All over the years, denial and distributed denial of service (DOS and DDOS) cyber-attacks increase continuously to become today one of the most challenging threats to networks technologies [9][10][11]. In such attacks, to suspend legal traffic, hacker compromises thousands of hosts that can include computers, servers, and IOT equipments, and then exploits them simultaneously to overload the victim's resources by a large amount of traffic (Fig. 2). ...
A monitoring mechanism is vital for detecting malicious attacks against cyber systems. Detecting denial of service (DOS) and distributed DOS (DDOS) is one of the most important security challenges facing network technologies. This paper introduces a reliable detection mechanism based on the continuous ranked probability score (CRPS) statistical metric and exponentially smoothing (ES) scheme for enabling efficient detection of DOS and DDOS attacks. In this regard, the CRPS is used to quantify the dissimilarity between a new observation and the distribution of normal traffic. The ES scheme, which is sensitive in detecting small changes, is applied to CRPS measurements for anomaly detection. Moreover, in CRPS-ES approach, a nonparametric decision threshold computed via kernel density estimation is used to suitably detect anomalies. Tests on three publically available datasets proclaim the efficiency of the proposed mechanism in detecting cyber-attacks.
... A standardized method for Generating Semantically Opaque IID is outlined in [7] without compromising the security and privacy of users. In [8] the author highlights the present addressing scheme along with security concern and presents a new IPv6 addressing strategy to mitigate reconnaissance attack by maximizing the search space from a malicious node. In [9] the author outlined a hash scheme for DAD in which the target address is encrypted which prevents the attacker from launching a destination attack. ...
In the IoT network, each node should have the self-configuration capability as well as a unique identifier such as IPv6. The unique IPv6 identity of nodes is primarily maintained by employing the stateless auto-configuration method and Duplicate Address Detection (DAD) protocol. In the existing DAD solutions, when a new node creates a target IPv6 address, it broadcasts a full or partial target address across the network to verify uniqueness. In this process, when the entire target address is broadcast, the target address is exposed to all the nodes of the network, whereas in partial broadcasts, the address of some nodes of the network is exposed to the new node. A malicious node can take advantage of this feature and can disrupt the DAD process by claiming the target address or by making the existing address as assigned. To protect the DAD process from such an attack, this research paper presents a better and secure DAD process, in which, a new node and the existing node transmit only a partial address and both nodes preserve a portion of the address. In this way, neither the existing nor the new malicious node can know the full address of each other, so they can not disrupt the DAD process. Experimental results indicate that the address success rate (ASR) of the proposed scheme outperformed existing DAD solutions in the presence of a malicious node. Moreover, the only partial address is transmitted by the nodes in the network hence reduces addressing cost and energy consumption.
... The extent to which the work can be proposed with the aid of making the IPv6address scheme handy for heterogeneous surroundings by using the use of machine gaining knowledge of algorithms. Another paper associated with network security where the author in [4] targets to minimize the network reconnaissance attacks through the usage of the available Global Unicast IPv6 addressing method. The writer proposed the use of Segment Extended Unique Identifier-64 bits (SEUI-64) as a substitute of EUI-64 bits. ...
... The writer proposed the use of Segment Extended Unique Identifier-64 bits (SEUI-64) as a substitute of EUI-64 bits. For this reason in [4], the Stateless Address Autoconfiguration (SLAAC) method is used to generate the IPv6's interface ID. The author, based on the simulation effects showed the comparison between SEUI-64 bits and RFC 7943 and proved that DHCPv6 assaults are greater susceptible in RFC 7943 than SEUI-64 bit. ...
... The author, based on the simulation effects showed the comparison between SEUI-64 bits and RFC 7943 and proved that DHCPv6 assaults are greater susceptible in RFC 7943 than SEUI-64 bit. From the work, the writer in [4] has applied the SEUI-64 bit approach. But only on some of the reconnaissance assaults that take place at the preliminary stage. ...
IPv6 is the present-day version of the Internet Protocol additionally recognized as a classless addressing scheme, which identifies devices throughout the internet so they can be located. Among the mechanisms that are used to improve the efficiency, classification, and clustering algorithms of machine learning approaches are used. This paper aims to survey some of the methods previously used before the use of a machine learning approach. The proposed method is based on the use of reinforcement algorithm. Thus the aim of this paper is to study the future of IPv6 addresses based on the various mechanisms proposed to minimize the delay by proposing a model with the use of a reinforcement machine learning algorithm to improve the performance result of the addressing.
... Abdullah [15] proposes SEUI-64 bits addressing strategy that produces unpredictable Interface Identifier (IID). Instead of using host's own MAC address as identifier, SEUI -64 bits algorithm uses router's first three (3) bytes of MAC address for first connected host and applies permutation to the bytes for subsequent connected hosts in the network. ...
The discovery of SLAAC attack has increased security threats in IPv6 network. SLAAC attacks is proliferated by the availability of attacking toolkits. Security safeguard must be deployed to detect and eliminate SLAAC attacks. Security safeguards such as IPSec, Secure NDP (SeND), Trust-ND and other methods have not been widely implemented due to high processing power requirement for cryptographic process and alteration of original Neighbor Discovery Protocol (NDP). Detection mechanism is more practical because does not modify original NDP, can be enhanced with specific capability and uses less intensive processing power. This paper proposes SLAAC attacks detection mechanism using ongoing packet verification and authentication. The detection mechanism not only detect SLAAC attack launched using ICMPv6 type 134 packet but also able to SLAAC attacks launched using packet with fragment and extension header without modification of original NDP.
... A dual-stack implementation can be deployed by three ways: (1). IPv4 stack enabled, (2). IPv6 stack enabled and (3). ...
Internet Protocol version 6 (IPv6) is the current generation Internet protocol developed by the Internet Engineering Task Force (IETF) to handle the shortage of IP addresses in IPV4. The transition from IPv4 to IPv6 is gradually being done not happening as anticipated. It is unavoidable to have both IPv4 and IPv6 networks during the transition period, but unfortunately they are not compatible in nature. It is essential to maintain the IPv4 and IPv6 coexistence. The inter-communication ability of IPv4 and IPv6 is the dire need of network community. Many transition techniques are proposed in the recent years. This paper discussed the key difficulties in IPv4-IPv6 transition, and introduced the hybrid approach for coexistence of IPv4 and IPv6. It hybrid the advantages of weightage and tunneling translation techniques for providing inter-communication ability of IPv4 and IPv6. The proposed algorithm has been simulated and the performance metrics; transmission latency, throughput, jitter and delay have been analyzed from end to end host, through various scenarios includes IPv4 only, IPv6 Only, Dual stack, GRE tunneling. The performance of the proposed algorithm is analyzed and the future scope is discussed.
