Denial of service attack: an analysis to IPv6 extension headers security nightmares

Marlon A. Naagas, Anazel P. Gamilla

Abstract


Dealing with scarcity issues of Internet protocol version 4 (IPv4), internet engineering task force (IETF) developed Internet protocol version 6 (IPv6) to support the needs of IP addresses for future use of the internet, however, one challenge that must be faced while transitioning to IPv6 is in the area of security. IPv6 is a new protocol that has many new probabilities for attackers to exploit the protocol stack and one of them is through IPv6 extension headers. Mishandling of extension headers are the security nightmares for network administrators, allowing for new security threats that will cause denial of service (DoS). As a result, the mishandling of IPv6 extension Headers creates new attack vectors that could lead to DoS–which can be exploited for different purposes, such as creating covert channels, fragmentation attacks, and routing header 0 attacks. Furthermore, this paper becomes proof of concepts that even to this day our well-known network devices are still exploitable by these attack vectors.

Keywords


covert channel; denial of service threats; extension headers threats; fragmentation header attack; IPv6 security; routing header 0 attack;

Full Text:

PDF


DOI: http://doi.org/10.11591/ijece.v12i3.pp2922-2930

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

International Journal of Electrical and Computer Engineering (IJECE)
p-ISSN 2088-8708, e-ISSN 2722-2578

This journal is published by the Institute of Advanced Engineering and Science (IAES) in collaboration with Intelektual Pustaka Media Utama (IPMU).