Routing Attack in the ND and SEND Mixed Environment

Author

Hou Yi ; Wang Zhen-Xing ; Wang Yu ; Zhang Lian-Cheng

Author_Institution

Nat. Digital Switching Syst. Eng. & Technol. Res. Center, Zhengzhou, China

fYear

2012

fDate

2-4 Nov. 2012

Firstpage

959

Lastpage

962

Abstract

With the deployment of IPv6 and the rising threat of ND security issues, SEND is desiderated to be deployed in subnets. SEND binds the node´s identifier to IP address and adds the digital signature to its message to resist hijacking and man-in-the-middle attacks. However, during the stage of transition, the coexistence of ND and SEND may cause security issues. This paper analyzes the specific security vulnerabilities in the mixed environment of SEND and ND, and proposes a method of routing attack in the coexistence environment, which takes advantages of the source address selection algorithm to induce the host to send packets through the unsecure addresses and routers, in order to bypass the protection of router advertisement and the authentication of router identity by SEND option. The research of this paper will help the wide deployment of SEND mechanism and provide protection for the IPv6 subnets.

Keywords

IP networks; authorisation; computer network security; digital signatures; telecommunication network routing; IP address; IPv6 deployment; IPv6 subnets; ND security issues; ND-SEND mixed environment; SEND mechanism deployment; coexistence environment; digital signature; man-in-the-middle attacks; node identifier; router advertisement protection; router identity authentication; routing attack; source address selection algorithm; Cryptography; Digital signatures; IP networks; Routing; Routing protocols; Mixed Environment; ND; Routing Attack; SEND;

fLanguage

English

Publisher

ieee

Conference_Titel

Multimedia Information Networking and Security (MINES), 2012 Fourth International Conference on

Conference_Location

Nanjing

Print_ISBN

978-1-4673-3093-0

Type

conf

DOI

10.1109/MINES.2012.196

Filename

6405740