Article

IPv6 Security and Forensics

Vincent Nicolls; Nhien-An Le-Khac; Lei Chen; Mark Scanlon

August 2016, 2nd International Workshop on Cloud Security and Forensics (WCSF 2016)

Contribution Summary

This paper addresses the growing need for IPv6 security and forensics research, as the increasing adoption of IPv6 presents new challenges for investigators and new opportunities for cybercriminals. The authors present a new approach to investigating IPv6 network attacks, including case studies and a comprehensive overview of IPv6 network attack techniques. The paper discusses different types of IPv6 attacks, such as reconnaissance and exploitation, along with mitigation strategies, and provides a detailed analysis of IPv6 network security and forensics. The authors also present a new toolkit, THC-IPv6, which attacks the inherent protocol weaknesses of IPv6 and ICMPv6. The paper concludes by highlighting the importance of IPv6 security and forensics research and the need for investigators to understand the security issues that come with IPv6.

Keywords: IPv6 security; IPv6 forensics; IPv6 attacks; IPv6 network security; IPv6 network forensics; IPv6 reconnaissance; IPv6 exploitation; IPv6 mitigation

Abstract

IPv4 is the historical addressing protocol used for all devices connected worldwide. It has survived for over 30 years and has been an integral part of the Internet revolution. However, due to its limitations, IPv4 is being replaced by IPv6. Today, IPv6 is more and more widely used on the Internet. On the other hand, criminals are also well aware of the introduction of IPv6. They are continuously seeking new methods to make a profit, hide their activities, and infiltrate or exfiltrate important data from companies. The introduction of this new protocol may provide savvy cybercriminals more opportunities to discover new system vulnerabilities and exploit them. To date, there is little research on IPv6 security and forensics in the literature. In this paper, we look at different types of IPv6 attacks and we present a new approach.

BibTeX

@inproceedings{nicolls2016ipv6,
	author="Vincent Nicolls and Nhien-An Le-Khac and Lei Chen and Mark Scanlon",
	title="{IPv6 Security and Forensics}",
	booktitle="{2nd International Workshop on Cloud Security and Forensics (WCSF 2016)}",
	year=2016,
	month=08,
	address={Dublin, Ireland},
	publisher={IEEE},
	pages={743--748},
	abstract="IPv4 is the historical addressing protocol used for all devices connected worldwide. It has survived for over 30 years and has been an integral part of the Internet revolution. However, due to its limitations, IPv4 is being replaced by IPv6. Today, IPv6 is more and more widely used on the Internet. On the other hand, criminals are also well aware of the introduction of IPv6. They are continuously seeking new methods to make a profit, hide their activities, and infiltrate or exfiltrate important data from companies. The introduction of this new protocol may provide savvy cybercriminals more opportunities to discover new system vulnerabilities and exploit them. To date, there is little research on IPv6 security and forensics in the literature. In this paper, we look at different types of IPv6 attacks and we present a new approach.",
	doi={10.1109/INTECH.2016.7845143},
}