ETRI-Knowledge Sharing Plaform

KOREAN
논문 검색
Type SCI
Year ~ Keyword

Detail

Conference Paper IPv6 Duplicate Address Detection DoS Attack Detector
Cited - time in scopus Share share facebook twitter linkedin kakaostory
Authors
Seung Ho Ryu, Hwan Kuk Kim, Ki Young Kim
Issue Date
2006-11
Citation
International Conference on Hybrid Information Technology (ICHIT) 2006, pp.1-10
Language
English
Type
Conference Paper
Abstract
Stateless address autoconfiguration is a fundamental functionality in IPv6. To do this, a node generates a temporary address and undergoes a special step known as Duplicate Address Detection (DAD). Node queries the temporary address and waits for a response. While processing DAD, Denial of Service (DoS) attack is potentially eligible. An attacker responds to other node's query in spite of not using the queried address as its own one. In this paper, two new DAD detection approaches are investigated: Passive DAD DoS Detection (PDD) and Active DAD DoS Detection (ADD). PDD holds the address collision counter and compare it with the predefined threshold. ADD actively allures the attacker out of the veil by putting a bait. We also suggest a formula feasible for obtaining an affordable threshold in PDD through a probabilistic step. Our approach makes a contribution to setting up DAD DoS attack tracker.
KSP Keywords
Address autoconfiguration, Denial-of-service (DoS) attacks, Detection Approaches, DoS detection, Duplicate address detection, Setting up