{"title":"464XLAT IPv6转换技术可能存在的安全问题分析","authors":"A. Al-Azzawi, G. Lencse","doi":"10.36244/icj.2021.4.2","DOIUrl":null,"url":null,"abstract":"This paper focuses on one of the most prominent IPv6 transition technologies named 464XLAT. The aim is to analyze the security threats that this technology might face. After carrying out the threat analysis using STRIDE method that stands for Spoofing, Tampering, Repudiation, Information Disclosure and Elevation of Privilege, and using DFD (Data-Flow Diagram) as a core for the analysis, we summarized the security vulnerabilities and attack points possibilities within this infrastructure. We have also built a testbed for 464XLAT topology using several virtual machines, which were created using Debian image. We used our testbed to perform DoS (Denial of Service) attack against the PLAT (provider-side translator) and monitor PLAT’s performance and the number of packets being translated under attack by different number of clients using the hping3 command.","PeriodicalId":42504,"journal":{"name":"Infocommunications Journal","volume":"15 1","pages":""},"PeriodicalIF":0.9000,"publicationDate":"2021-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"Identification of the Possible Security Issues of the 464XLAT IPv6 Transition Technology\",\"authors\":\"A. Al-Azzawi, G. Lencse\",\"doi\":\"10.36244/icj.2021.4.2\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper focuses on one of the most prominent IPv6 transition technologies named 464XLAT. The aim is to analyze the security threats that this technology might face. After carrying out the threat analysis using STRIDE method that stands for Spoofing, Tampering, Repudiation, Information Disclosure and Elevation of Privilege, and using DFD (Data-Flow Diagram) as a core for the analysis, we summarized the security vulnerabilities and attack points possibilities within this infrastructure. We have also built a testbed for 464XLAT topology using several virtual machines, which were created using Debian image. We used our testbed to perform DoS (Denial of Service) attack against the PLAT (provider-side translator) and monitor PLAT’s performance and the number of packets being translated under attack by different number of clients using the hping3 command.\",\"PeriodicalId\":42504,\"journal\":{\"name\":\"Infocommunications Journal\",\"volume\":\"15 1\",\"pages\":\"\"},\"PeriodicalIF\":0.9000,\"publicationDate\":\"2021-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Infocommunications Journal\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.36244/icj.2021.4.2\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"TELECOMMUNICATIONS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Infocommunications Journal","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.36244/icj.2021.4.2","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"TELECOMMUNICATIONS","Score":null,"Total":0}
引用次数: 6
摘要
本文重点介绍了目前最突出的IPv6转换技术之一——464XLAT。目的是分析该技术可能面临的安全威胁。在使用STRIDE方法(Spoofing, tampening, Repudiation, Information Disclosure and Elevation of Privilege)进行威胁分析后,我们以DFD (Data-Flow Diagram)为分析核心,总结了该基础架构中的安全漏洞和攻击点可能性。我们还使用几个虚拟机为464XLAT拓扑构建了一个测试平台,这些虚拟机是使用Debian映像创建的。我们使用我们的测试平台对PLAT(提供端转换器)执行DoS(拒绝服务)攻击,并使用hping3命令监控PLAT的性能和在不同数量的客户端攻击下被翻译的数据包数量。
Identification of the Possible Security Issues of the 464XLAT IPv6 Transition Technology
This paper focuses on one of the most prominent IPv6 transition technologies named 464XLAT. The aim is to analyze the security threats that this technology might face. After carrying out the threat analysis using STRIDE method that stands for Spoofing, Tampering, Repudiation, Information Disclosure and Elevation of Privilege, and using DFD (Data-Flow Diagram) as a core for the analysis, we summarized the security vulnerabilities and attack points possibilities within this infrastructure. We have also built a testbed for 464XLAT topology using several virtual machines, which were created using Debian image. We used our testbed to perform DoS (Denial of Service) attack against the PLAT (provider-side translator) and monitor PLAT’s performance and the number of packets being translated under attack by different number of clients using the hping3 command.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
