The IPv4 protocol suite is vulnerable to a variety of attacks. IPv6 security is in many ways the same as IPv4 security, the basic mechanisms for transporting packets across the network stay mostly unchanged, and the u...The IPv4 protocol suite is vulnerable to a variety of attacks. IPv6 security is in many ways the same as IPv4 security, the basic mechanisms for transporting packets across the network stay mostly unchanged, and the upper-layer protocols that transport the actual application data are mostly unaffected. This paper illustrates sniffing threat against IPv4 and then compares how the threat might influence an IPv6 networks. This is prefaced by a brief overview of current practices around the design of an IPv4 Internet edge network and then followed by a review of how that IPv4 edge network needs to evolve in order to secure the addition of IPv6. As IPv6 security is a large and complex subject, and also, IPv6 network is still at the very beginning stage and has not been fully examined in fact, this paper focus on the security requirements of medium edge networks.展开更多
IPv6 is the foundation of the development of Next Generation Internet (NGI). An IPv6 network management and operations support system is necessary for real operable NGI. Presently there are no approved standards yet a...IPv6 is the foundation of the development of Next Generation Internet (NGI). An IPv6 network management and operations support system is necessary for real operable NGI. Presently there are no approved standards yet and relevant equipment interfaces are not perfect. A Network Management System (NMS) at the network layer helps implement the integrated management of a network with equipment from multiple vendors, including the network resources and topology, end-to-end network performance, network failures and customer Service Level Agreement (SLA) management. Though the NMS will finally realize pure IPv6 network management, it must be accommodated to the management of relevant IPv4 equipment. Therefore, modularized and layered structure is adopted for the NMS in order to implement its smooth transition.展开更多
The Internet of Things(IoT)consists of interconnected smart devices communicating and collecting data.The Routing Protocol for Low-Power and Lossy Networks(RPL)is the standard protocol for Internet Protocol Version 6(...The Internet of Things(IoT)consists of interconnected smart devices communicating and collecting data.The Routing Protocol for Low-Power and Lossy Networks(RPL)is the standard protocol for Internet Protocol Version 6(IPv6)in the IoT.However,RPL is vulnerable to various attacks,including the sinkhole attack,which disrupts the network by manipulating routing information.This paper proposes the Unweighted Voting Method(UVM)for sinkhole node identification,utilizing three key behavioral indicators:DODAG Information Object(DIO)Transaction Frequency,Rank Harmony,and Power Consumption.These indicators have been carefully selected based on their contribution to sinkhole attack detection and other relevant features used in previous research.The UVM method employs an unweighted voting mechanism,where each voter or rule holds equal weight in detecting the presence of a sinkhole attack based on the proposed indicators.The effectiveness of the UVM method is evaluated using the COOJA simulator and compared with existing approaches.Notably,the proposed approach fulfills power consumption requirements for constrained nodes without increasing consumption due to the deployment design.In terms of detection accuracy,simulation results demonstrate a high detection rate ranging from 90%to 100%,with a low false-positive rate of 0%to 0.2%.Consequently,the proposed approach surpasses Ensemble Learning Intrusion Detection Systems by leveraging three indicators and three supporting rules.展开更多
基金Supported by the China Next GernerationInternetProgram(CNGI-04-6-2T)
文摘The IPv4 protocol suite is vulnerable to a variety of attacks. IPv6 security is in many ways the same as IPv4 security, the basic mechanisms for transporting packets across the network stay mostly unchanged, and the upper-layer protocols that transport the actual application data are mostly unaffected. This paper illustrates sniffing threat against IPv4 and then compares how the threat might influence an IPv6 networks. This is prefaced by a brief overview of current practices around the design of an IPv4 Internet edge network and then followed by a review of how that IPv4 edge network needs to evolve in order to secure the addition of IPv6. As IPv6 security is a large and complex subject, and also, IPv6 network is still at the very beginning stage and has not been fully examined in fact, this paper focus on the security requirements of medium edge networks.
文摘IPv6 is the foundation of the development of Next Generation Internet (NGI). An IPv6 network management and operations support system is necessary for real operable NGI. Presently there are no approved standards yet and relevant equipment interfaces are not perfect. A Network Management System (NMS) at the network layer helps implement the integrated management of a network with equipment from multiple vendors, including the network resources and topology, end-to-end network performance, network failures and customer Service Level Agreement (SLA) management. Though the NMS will finally realize pure IPv6 network management, it must be accommodated to the management of relevant IPv4 equipment. Therefore, modularized and layered structure is adopted for the NMS in order to implement its smooth transition.
基金funded by the Deanship of Scientific Research at Najran University for this research through a Grant(NU/RG/SERC/12/50)under the Research Groups at Najran University,Saudi Arabia.
文摘The Internet of Things(IoT)consists of interconnected smart devices communicating and collecting data.The Routing Protocol for Low-Power and Lossy Networks(RPL)is the standard protocol for Internet Protocol Version 6(IPv6)in the IoT.However,RPL is vulnerable to various attacks,including the sinkhole attack,which disrupts the network by manipulating routing information.This paper proposes the Unweighted Voting Method(UVM)for sinkhole node identification,utilizing three key behavioral indicators:DODAG Information Object(DIO)Transaction Frequency,Rank Harmony,and Power Consumption.These indicators have been carefully selected based on their contribution to sinkhole attack detection and other relevant features used in previous research.The UVM method employs an unweighted voting mechanism,where each voter or rule holds equal weight in detecting the presence of a sinkhole attack based on the proposed indicators.The effectiveness of the UVM method is evaluated using the COOJA simulator and compared with existing approaches.Notably,the proposed approach fulfills power consumption requirements for constrained nodes without increasing consumption due to the deployment design.In terms of detection accuracy,simulation results demonstrate a high detection rate ranging from 90%to 100%,with a low false-positive rate of 0%to 0.2%.Consequently,the proposed approach surpasses Ensemble Learning Intrusion Detection Systems by leveraging three indicators and three supporting rules.
