Hrvatska znanstvena bibliografija (CROSBI)

Pregled bibliografske jedinice broj: 328427


Autori: Žagar, Drago; Grgić, Krešimir; Rimac-Drlje, Snježana
Naslov: Security aspects in IPv6 networks – implementation and testing
Izvornik: Computers & Electrical Engineering (0045-7906) 33 (2007), 5-6; 425-437
Vrsta rada: članak
Ključne riječi: IPv6; Network security; Firewall; Intrusion detection
IPv6 protocol, which should replace the actual IPv4 protocol, brings many new possibilities and improvements considering simplicity, routing speed, quality of service and security. In comparison to IPv4, IPv6 improves mechanisms for assuring a secure and confidential transfer of information. Despite these improvements, network security remains a very important issue since there are some security threats and attack types that can affect IPv6 network. This paper deals with security issues in IPv6 networks. Security improvements and extensions in the IPv6 protocol are described and explained. Also, security comparison to IPv4 is made. A description of the experimental IPv6 network and a description of tools used for security testing are presented in the paper. Security threats similar in IPv4 and IPv6 networks are described, and some security issues specific for IPv6 networks are also analysed. Different types of attacks in IPv6 networks are analysed and some suggestions for their avoidance are given. Considering security, especially problematic is the transition period of coexistence of both protocols. Because of that, security issues due to different transition mechanisms are analysed. Further, the paper studies firewalls in IPv6 networks. Implementation of firewalls in IPv6 networks and IPv6 specific firewall configurations are analysed. Different tests of firewalls are performed, and their results are analysed. Also, comparison with IPv4 firewalls is made. Some suggestions referring to proper deployment of firewalls are given. This paper also deals with detection of unauthorised intrusion. Different approaches to intrusion detection are explained and different types of intrusion detection systems are described. Suggestions for proper positioning of intrusion detection systems in the local area network are given. In absence of non-commercial intrusion detection systems with IPv6 support, some alternative possibilities of intrusion detection are explained. The paper analyses methods of intrusion detection by using tools for network traffic capturing and analysis (with IPv6 support). Different types of attacks are performed and their effects are presented and explained. Instructions for recognition and detection of different attacks are given. Some recommendations for avoiding certain attack types or reducing their effect are given. Practical advices and guidelines in implementation of security mechanisms for packet filtering and detection of unauthorized intrusion are emphasized. Finally, some recommendations for improving security mechanisms and guidelines for further development of intrusion detection systems with IPv6 support are given.
Projekt / tema: 165-0361630-3049, 165-0361630-1636, 165-0362027-1479
Izvorni jezik: ENG
Rad je indeksiran u
bazama podataka:
Current Contents Connect (CCC)
Science Citation Index Expanded (SCI-EXP) (sastavni dio Web of Science Core Collectiona)
Kategorija: Znanstveni
Znanstvena područja:
URL cjelovitog teksta:
Google Scholar: Security aspects in IPv6 networks – implementation and testing
Upisao u CROSBI: Snjezana Rimac-Drlje (), 10. Tra. 2008. u 13:48 sati