Network Security & Cryptography (NSC) Lab

Department of Information Technology
Indian Institute of Information Technology, Allahabad.

IPv6 Security

Construction of IPv6 network intrusion data set by developing the IPv6 network Attack tool

As we know the deployment of IPv6 is slowly increasing to replace IPv4 because of its large address space and other reasons. Even though IPv6 has many advantages, it has more security issues when compared to IPv4. IPv6 carries security issues from IPv4 and in addition it has its own security issues because of its features like Address auto configuration and others. Hence the effective measures needs to be taken to mitigate the attacks before the complete deployment of IPv6.

As a measure to identify and remove the attacks due to security issues, the Intrusion Detection System and other models are used as in IPv4 environment. The models identifying the malicious in IPv4 are based on certain patterns (signature) or behavior of the process. In signature based system, attacks or malicious packets are identified based on the patterns available with us. Even though data base containing the pattern updated frequently, the new attacks cannot be detected because of non-availability of its patterns.

In anomaly (behavior) based system, the attacks will be identified based on monitoring the activity through certain training given to differentiate anomaly and normal packet using various features. This system identifies the attack better than the pattern based system. Since anomaly based system is better that the pattern based system, anomaly based detection system is preferred for use in the environment.

Anomaly based system will give effective result if the training is proper. To train the system properly, we need the efficient training data set. There are many intrusion data sets available now for example DARPA, KDD, KYOTO, etc. The data sets available today are mostly for IPv4 and it is not containing the features of the current attacks. Even though some data sets like KYOTO provides for IPv6, it does not completely concentrate on the packet structure of IPv6. It is replacing the IPv4 address with IPv6 address. We cannot provide the proper training for the IPv6 Intrusion Detection System with these data sets. We are in need of the separate training and testing data set for the IPv6 environment by considering its packet structure and other protocols involvement like IPSec.

This proposal aims to create the data set for the IPv6 environment by considering various attacks possible. The objective of the project proposal is to develop the tool to generate the packets (normal and attack) and construct the data set from it by removing the private or unwanted data.

Collaborators : Having similar interest can join.

Sponsors : No sponsors yet.