Threats and Surprises Behind IPv6 Extension Headers

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F63839172%3A_____%2F17%3A10132900" target="_blank" >RIV/63839172:_____/17:10132900 - isvavai.cz</a>

Výsledek na webu

<a href="http://dx.doi.org/10.23919/TMA.2017.8002912" target="_blank" >http://dx.doi.org/10.23919/TMA.2017.8002912</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.23919/TMA.2017.8002912" target="_blank" >10.23919/TMA.2017.8002912</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Threats and Surprises Behind IPv6 Extension Headers

Popis výsledku v původním jazyce

The concept of Extension Headers, newly introduced with IPv6, is elusive and enables new types of threats in the Internet. Simply dropping all traffic containing any Extension Header - a current practice by operators-seemingly is an effective solution, but at the cost of possibly dropping legitimate traffic as well. To determine whether threats indeed occur, and evaluate the actual nature of the traffic, measurement solutions need to be adapted. By implementing these specific parsing capabilities in flow exporters and performing measurements on two different production networks, we show it is feasible to quantify the metrics directly related to these threats, and thus allow for monitoring and detection. Analysing the traffic that is hidden behind Extension Headers, we find mostly benign traffic that directly affects end-user QoE: simply dropping all traffic containing Extension Headers is thus a bad practice with more consequences than operators might be aware of.

Název v anglickém jazyce

Threats and Surprises Behind IPv6 Extension Headers

Popis výsledku anglicky

The concept of Extension Headers, newly introduced with IPv6, is elusive and enables new types of threats in the Internet. Simply dropping all traffic containing any Extension Header - a current practice by operators-seemingly is an effective solution, but at the cost of possibly dropping legitimate traffic as well. To determine whether threats indeed occur, and evaluate the actual nature of the traffic, measurement solutions need to be adapted. By implementing these specific parsing capabilities in flow exporters and performing measurements on two different production networks, we show it is feasible to quantify the metrics directly related to these threats, and thus allow for monitoring and detection. Analysing the traffic that is hidden behind Extension Headers, we find mostly benign traffic that directly affects end-user QoE: simply dropping all traffic containing Extension Headers is thus a bad practice with more consequences than operators might be aware of.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

<a href="/cs/project/EF16_013%2F0001797" target="_blank" >EF16_013/0001797: E-infrastruktura CESNET - modernizace</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2017

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

TMA 2017 - Proceedings of the 1st Network Traffic Measurement and Analysis Conference

ISBN

978-3-901882-95-1

ISSN

—

e-ISSN

neuvedeno

Počet stran výsledku

9

Strana od-do

1-9

Název nakladatele

IEEE Xplore Digital Library

Místo vydání

Dublin, Ireland

Místo konání akce

Dublin, Ireland

Datum konání akce

21. 6. 2017

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

000426454700017