Authenticated IPv6 Packet Traceback Against Reflector Based Packet Flooding Attack

IPv6 can provide end-to-end security services such as access control, confidentiality, and data integrity with less impact on network performance. However, we can also prospect that there will be much more dangerous and tremendous type of attack on IPv6 than that on IPv4. So, we propose new IP traceback mechanism for tracing the spoofed real source on IPv6 packet using authentication mechanism. Proposed authentication mechanism supports the key disclosure mechanism on IPv6 packet marking with ICMPv6 on the IP traceback process.

[1]  Paul Ferguson,et al.  Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing , 1998, RFC.

[2]  Shigeyuki Matsuda,et al.  Tracing Network Attacks to Their Sources , 2002, IEEE Internet Comput..

[3]  J. Elliott,et al.  Distributed denial of service attacks and the zombie ant effect , 2000 .

[4]  Stephen E. Deering,et al.  Internet Protocol, Version 6 (IPv6) Specification , 1995, RFC.

[5]  Hassan Aljifri,et al.  IP Traceback: A New Denial-of-Service Deterrent? , 2003, IEEE Secur. Priv..

[6]  Pete Loshin IPv6 : Theory, Protocol, and Practice 2nd edition Ed. 2 , 2004 .

[7]  Vern Paxson,et al.  An analysis of using reflectors for distributed denial-of-service attacks , 2001, CCRV.

[8]  Lee Garber,et al.  Denial-of-Service Attacks Rip the Internet , 2000, Computer.

[9]  Pete Loshin IPv6: Theory, Protocol, and Practice , 2003 .

[10]  Vrizlynn L. L. Thing,et al.  On the issues of IP traceback for IPv6 and mobile IPv6 , 2003, Proceedings of the Eighth IEEE Symposium on Computers and Communications. ISCC 2003.

[11]  Rocky K. C. Chang,et al.  Defending against flooding-based distributed denial-of-service attacks: a tutorial , 2002, IEEE Commun. Mag..

[12]  Steven M. Bellovin,et al.  ICMP Traceback Messages , 2003 .

[13]  Dawn Xiaodong Song,et al.  Advanced and authenticated marking schemes for IP traceback , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).

[14]  Nirwan Ansari,et al.  On IP traceback , 2003, IEEE Commun. Mag..