Securing IPv6 Wireless Networks Against Malicious Router Advertisements

Abstract

With the increasing number of devices connected to the internet and scarcity of IPv4 addresses, the IPv6 protocol was designed to address various of the limitations of IPv4 networks, supporting 128-bit addresses, deploying a fragmentation mechanism aiming better routers performance, use of multicast instead of broadcast and more. However, challenging security issues have been discovered on its design, with researches actively working to reduce the impact of cyber attacks exploring such breaches. One of these issues allows malicious IPv6 nodes to pretend they are actual gateways of a network, allowing for Denial-of-Service and Man-in-the-Middle attacks. This work proposes the Fingerprint-based Router Advertisement Guard (FibRA-Guard), a mechanism to avoid the spread of malicious Router Advertisements on wireless networks, relying on non-intrusive fingerprint authentication of sources of suspicious Router Advertisements based on the time each device takes to generate and send IPv6 packets. On a testbed with 15 devices, FibRA-Guard was able to identify sources of packets with an average accuracy of 96%, proving to be a reliable solution towards wireless IPv6 networks secured against malicious Router Advertisements.