{"title":"Routing Attack in the ND and SEND Mixed Environment","authors":"Hou Yi, Wang Zhen-xing, Wang Yu, Zhang Lian-cheng","doi":"10.1109/MINES.2012.196","DOIUrl":null,"url":null,"abstract":"With the deployment of IPv6 and the rising threat of ND security issues, SEND is desiderated to be deployed in subnets. SEND binds the node's identifier to IP address and adds the digital signature to its message to resist hijacking and man-in-the-middle attacks. However, during the stage of transition, the coexistence of ND and SEND may cause security issues. This paper analyzes the specific security vulnerabilities in the mixed environment of SEND and ND, and proposes a method of routing attack in the coexistence environment, which takes advantages of the source address selection algorithm to induce the host to send packets through the unsecure addresses and routers, in order to bypass the protection of router advertisement and the authentication of router identity by SEND option. The research of this paper will help the wide deployment of SEND mechanism and provide protection for the IPv6 subnets.","PeriodicalId":208089,"journal":{"name":"2012 Fourth International Conference on Multimedia Information Networking and Security","volume":"11 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-11-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 Fourth International Conference on Multimedia Information Networking and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/MINES.2012.196","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3
Abstract
With the deployment of IPv6 and the rising threat of ND security issues, SEND is desiderated to be deployed in subnets. SEND binds the node's identifier to IP address and adds the digital signature to its message to resist hijacking and man-in-the-middle attacks. However, during the stage of transition, the coexistence of ND and SEND may cause security issues. This paper analyzes the specific security vulnerabilities in the mixed environment of SEND and ND, and proposes a method of routing attack in the coexistence environment, which takes advantages of the source address selection algorithm to induce the host to send packets through the unsecure addresses and routers, in order to bypass the protection of router advertisement and the authentication of router identity by SEND option. The research of this paper will help the wide deployment of SEND mechanism and provide protection for the IPv6 subnets.