User identification in IPV6 network

A new approach for detection of host identity in IPv6 networks

2013 International Conference on Data Communication Networking (DCNET), 2013

For security, management and accounting, network administrators benefit from knowledge of IP and MAC address bindings. In IPv6, learning these bindings is not as straightforward as it is in IPv4. This paper presents a new approach to track IPv6 address assignments in LANs. The method is based on a study of implementation of IPv6 (mainly neighbor discovery) in current operating systems. The detection is passive for end devices and does not require any software or hardware modifications. In contrast with current methods, our approach does not poll routers in the network and works also in networks where IPv6 multicast is not broadcasted (active Multicast Listener Discovery snooping - MLD snooping). Moreover, our approach detects that an address is no longer used. The approach was successfully tested in a campus network.

Simulation Study of a Many-to-One Mapping for IPv6 Address Owner Identification in an Enterprise Local Area Network

Owner identification is an important aspect of improving network visibility and enhancing network security within local area networks deploying IPv6. This paper presents a simulation study for owner identification in an enterprise local area network from their IPv6 addresses. The study is based around the reverse implementation (many-to-one mapping) of a one-to-many reversible mapping. The paper reviews the many-to-one mechanism and the associated simulation software development, followed by presentation of results obtained from required functional tests. The IPv6 address data can be obtained from the output of any network monitoring software. In addition to a text format for verification, it also uses a checksum for validation which is used during the IPv6 address generation and identification. The simulation software given here can easily identify an IPv6 address owner if the IPv6 address is properly generated by the mechanism and it can display particular verification messages.

Address Autoconfiguration in IPv6 Networks: Challenges and Countermeasures

International Journal of Recent Technology and Engineering (IJRTE), 2019

The demand for internet and its applications has eventually led to the depletion of the dominant IPv4 addresses. This has resulted in the inevitable need for the next generation Internet Protocol IPv6, which contains an enormous pool of IP addresses. Address Autoconfiguration, a remarkable feature of IPv6 enables a node connected in the network to automatically configure an IP address for its interface and instantly participate in network communications. The Internet Engineering Task Force (IETF) has classified autoconfiguration into Stateless and Stateful mechanisms. Several IPv6 protocols have been employed to achieve autoconfiguration of networks. However, in addition to the excellent competence of this feature, autoconfiguration certainly suffers in terms of security and optimization. This paper attempts to enlighten the need and merits of Address Autoconfiguration and finally highlights the challenges, open issues and countermeasures involved in achieving this in real time envi...

IPv6: Now You See Me, Now You Don't

ICN 2011, The Tenth …, 2011

Current implementations of the Internet Protocol version 6 (IPv6) use stateless address auto configuration (SLAAC) to assign network addresses to hosts. This technique produces a static value determined from the Media Access Control (MAC) address as the host portion, or interface identifier (IID), of the IPv6 address. Some implementations create the IID using the MAC unobscured, while others compute a one-time hash value involving the MAC. As a result, the IID of the address remains the same, regardless of the network the node accesses. This IID assignment provides third parties (whether malicious or not) with the ability to track a node's physical location by using simple tools such as ping and traceroute. Additionally, the static IID provides a means to correlate network traffic with a specific user through simple traffic analysis. We examine the techniques used to create autoconfigured addresses. We also discuss how these techniques violate a user's privacy. The serious breaches in privacy caused by SLAAC need to be addressed before deployment of IPv6 becomes widespread. To that end, we provide a detailed taxonomy of different methods for obscuring IPv6 autoconfigured IIDs.

Practical IPv6 monitoring-challenges and techniques

12th IFIP/IEEE International Symposium on Integrated Network Management (IM 2011) and Workshops, 2011

Network monitoring is an essential task of network management. Information obtained by monitoring devices gives a real picture of the network in production including transmitted data volumes, top hosts, a list of frequently used applications etc. Deep analysis of data collected by monitoring can reveal network attacks or detect misuse of network services. In addition, the Data Retention Act requires each ISP to track users' activities. The IPv6 protocol poses new challenges for network administrators in the context of user identification. Unlike IPv4, an IPv6 address no longer uniquely identifies a user or PC. An IPv6 address can be randomly generated and keep changing over time. PCs with an IPv6 stack can also communicate via predefined tunnels over IPv4 infrastructure. That tunneled traffic mostly bypasses network security implemented via firewalls. In this paper, we identify major monitoring and security issues of IPv6 connectivity and propose a solution based on SNMP and Netflow data that helps to uniquely identify users. The solution requires an extended set of monitoring data to be collected from network devices. We present a new data structure based on extended Netflow records. Feasibility of the approach is demonstrated on the Brno University of Technology (BUT) campus network.

AN EMPIRICAL STUDY ON INTERNET PROTOCOL IPV6 IN NETWORKING

The internet protocol IPv4 has met requirements for years, but the number of addresses, while huge, is finite. It has several shortcomings which are unavoidable and complicated, such as exhausted address space, security issues, non-availability of auto-configuration, and in some cases present an obstacle to the further improvement of the Internet. The resolution to mitigate this problem was the development of the new IPv6 protocol, which enlarges the address space from 32 bits to 128 bits. IPv6 assembles a high address space, superior address design and better safety among other profits. IPv6 distribution necessitates deep and careful firm to minimize network disruption and ensure that the profits of IPv6 are accessed. Due to the issues of IPv4, nowadays IPv6 is extremely popular in associations, corporations and Internet Service Providers (ISP). In this paper, we aim to provide a Literature Survey which describes the various techniques to implement IPv6 transition most optimal method to increase the network performances.

IPv6 Stateless Address Autoconfiguration: Balancing between Security, Privacy and Usability

Lecture Notes in Computer Science, 2013

Included in the IPv6 suite is a method for devices to automatically configure their own addresses in a secure manner. This technique is called Cryptographically Generated Addresses (CGAs). CGA provides the ownership proof necessary for an IPv6 address without relying on any trust authority. However, the CGA computation cost is very high, especially for a high security level defined by the security parameter (Sec). Therefore, the high cost of address generation may keep hosts that use high Sec values from changing their addresses on a frequent basis. This results in hosts still being susceptible to privacy related attacks. This paper proposes modifications to the standard CGA to make it a more applicable security approach while protecting user privacy. We make CGA more privacy-conscious by changing addresses over time, which protects users from being tracked. We propose to reduce the CGA granularity of the security level from 16 to 8. We believe that an 8 granularity is more feasible for use in most applications and scenarios. These extensions to the standard CGA are implemented and evaluated.

ANALYSIS OF IPV6 COMMUNICATION ARCHITECTURE USING SPECIFIC ADDRESSES

Concepts Books Publication, 2017

In the current Internet architecture, an IP address is used as the node identifier, that is, generally a single IP address is assigned to a node, and used permanently until the node becomes inactive. The same address is used for all communications from/to the node. However, this communication paradigm has a fundamental problem regarding security: the IP address of the node is open not only to nodes that intend to communicate with it, but also to anonymous parties who try to attack the node. To solve this problem, we change our traditional paradigm completely and propose a new solution called Unified Multiplex Communication Architecture. The biggest difference from the current Internet is that an IP address is not used as a node identifier, but as a service identifier. In the Unified Multiplex Communication Architecture, we change IP addresses session-by-session, and the assigned address is invalid immediately after the session terminates. This architecture simply changes the direction for use of IP addresses but enhances the security significantly. However, there is a major issue in Unified Multiplex: how to determine the IP address to connect to the server, since an IP address is assigned to each session one-by-one. Prior to communication, the client should know the IP address of the server which is used for awaiting the connection from the client. For this problem, in this thesis we propose a new, non-negotiation type IP address determination mechanism that is feasible by updating the operating system on end hosts only (no modification of applications is needed). In our mechanism, IP address generation is performed on both server and client independently, but generated addresses are synchronized because time information is used for address generation. We then analyze the interval of address update (i.e., the lifetime of a generated address) for avoiding unexpected failure due to our mechanism. Our numerical result shows that our address update mechanism is extremely robust against brute-force type attacks. Moreover, detailed design and implementation methods are described for realization.

Keywords: Communication Architecture, Secure Communication, IPv6

Observations of IPv6 addresses

2008

IPv6 addresses are longer than IPv4 addresses, and so are capable of greater expression. Given an IPv6 address, conventions and standards allow us to draw conclusions about how IPv6 is being used on the node with that address. We show a technique for analysing IPv6 addresses and apply it to a number of datasets. The datasets include addresses seen at a busy mirror server, at an IPv6-enabled TLD DNS server and when running traceroute across the production IPv6 network. The technique quantifies differences in these datasets that we intuitively expect, and shows that IPv6 is being used in different ways by different groups.