ETRI-Knowledge Sharing Plaform

ENGLISH

성과물

논문 검색
구분 SCI
연도 ~ 키워드

상세정보

학술대회 Real-Time IP Checking and Packet Marking for Preventing ND-DoS Attack Employing Fake Source IP in IPv6 LAN
Cited 4 time in scopus Download 0 time Share share facebook twitter linkedin kakaostory
저자
안개일, 김기영
발행일
200806
출처
International Conference on Autonomic and Trusted Computing (ATC) 2008 (LNCS 5060), v.5060, pp.36-46
DOI
https://dx.doi.org/10.1007/978-3-540-69295-9_5
초록
IPv6 has been proposed as a basic Internet protocol for realizing a ubiquitous computing service. An IPv6 LAN may suffer from a Neighbor Discovery-Denial of Service (ND-DoS) attack, which results in network congestion on the victim IPv6 LAN by making a great number of Neighbor Discovery protocol messages generated. A ND-DoS attacker may use a fake source IP address to hide his/her identity, which makes it more difficult to handle the attack. In this paper, we propose an IP checking and packet marking scheme, which is applied to an IPv6 access router. The proposed scheme can effectively protect IPv6 LAN from ND-DoS attack employing fake source IP by providing the packets suspected to use fake source and/or destination IP addresses with a poor QoS. © 2008 Springer-Verlag Berlin Heidelberg.
KSP 제안 키워드
Access router, DoS Attacks, Fake Source, IP address, Internet protocol(IP), Neighbor Discovery Protocol, Network Congestion, Real-Time, denial of service(DoS), packet marking, ubiquitous computing