An IPv6 Source Address Validation Testbed and Prototype Implementation
نویسندگان
چکیده
Since the Internet uses destination-based packet forwarding, malicious attacks have been launched using spoofed source addresses. In an effort to enhance the Internet with IP source address validation, we prototyped an implementation of the IPv6 Source Address Validation Architecture (SAVA) and conducted the evaluation on an IPv6 test-bed. This paper reports our prototype implementation and the test results, as well as the lessons and insights gained from our experimentation. Some enhanced methods are also introduced in this article.
منابع مشابه
Validation Architecture ( SAVA ) Testbed and Deployment Experience
Because the Internet forwards packets according to the IP destination address, packet forwarding typically takes place without inspection of the source address and malicious attacks have been launched using spoofed source addresses. In an effort to enhance the Internet with IP source address validation, a prototype implementation of the IP Source Address Validation Architecture (SAVA) was creat...
متن کاملRFC 5210 SAVA Testbed June 2008
Because the Internet forwards packets according to the IP destination address, packet forwarding typically takes place without inspection of the source address and malicious attacks have been launched using spoofed source addresses. In an effort to enhance the Internet with IP source address validation, a prototype implementation of the IP Source Address Validation Architecture (SAVA) was creat...
متن کاملImplementation and Evaluation of DSMIPv6 for MIPL
Mobile IPv6 performs mobility management to mobile node within IPv6 networks. Since IPv6 is not widely deployed yet, it's an important feature to let Mobile IPv6 support mobile node moving to IPv4 network and maintaining the established communications. DSMIPv6 specification extends Mobile IPv6 capabilities to allow dual stack mobile nodes to move within IPv4 and IPv6 networks. This paper descri...
متن کاملFourth Ercim Workshop on Emobility
This paper describes the implementation of an IMS testbed, based on open source technologies and operating systems. The testbed provides rich communication services, i.e., Instant Messaging, Network Address Book and Presence as well as VoIP and PSTN interconnectivity. Our validation tests indicate that the performance of the testbed is comparable to similar testbeds, but that operating system v...
متن کاملDenial of Service Attack in IPv6 Duplicate Address Detection Process
IPv6 was designed to replace the existing Internet Protocol, that is, IPv4. The main advantage of IPv6 over IPv4 is the vastness of address space. In addition, various improvements were brought to IPv6 to address the drawbacks in IPv4. Nevertheless, as with any new technology, IPv6 suffers from various security vulnerabilities. One of the vulnerabilities discovered allows Denial of Service Atta...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- JNW
دوره 4 شماره
صفحات -
تاریخ انتشار 2009