As the Internet becomes pervasive, the vulnerability of some fundamental design aspects of the Internet has also become significant. Among which, denial-of-service (DoS) and distributed DoS (DDoS) pose significant problems, as they are disruptive to the useful traffics and are hard to prevent. One solution consists in instituting accountability, which hold the attackers accountable for the attack. The key issue is to identify the real sources of the attacks and attackers use spoofed IP address to hide their actual network location. However, the Internet architecture does not provide intrinsic support for identifying the real sources of IP packets. Numerous mechanisms have been proposed to traceback the real sources. Most of such networks have been addressing the IP version 4. In this paper, we address the issues of IP traceback in the context of IPv6 and mobile IPv6. This paper provides a detailed analysis of these issues and problems. The main problem lies with the transformations that are introduced by IPv6 and mobile IPv6 protocols, namely tunneling and addresses manipulation. We then propose a solution, including new ICMPv6 messages for traceback co-ordination, to facilitate the traceback mechanism.
[1]
Stephen E. Deering,et al.
Generic Packet Tunneling in IPv6 Specification
,
1998,
RFC.
[2]
Jon Postel,et al.
Internet Protocol
,
1981,
RFC.
[3]
Stephen E. Deering,et al.
Internet Protocol, Version 6 (IPv6) Specification
,
1995,
RFC.
[4]
Paul Ferguson,et al.
Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing
,
1998,
RFC.
[5]
Kevin J. Houle,et al.
Trends in Denial of Service Attack Technology
,
2001
.
[6]
Steven M. Bellovin,et al.
ICMP Traceback Messages
,
2003
.
[7]
Carl A. Sunshine,et al.
The ARPA Internet Protocol
,
1981,
Comput. Networks.
[8]
Charles E. Perkins,et al.
Mobility support in IPv6
,
1996,
MobiCom '96.
[9]
Alex C. Snoeren,et al.
Hash-based IP traceback
,
2001,
SIGCOMM '01.
[10]
Anna R. Karlin,et al.
Practical network support for IP traceback
,
2000,
SIGCOMM.