Defence mechanisms evaluation against RA flood attacks for Linux Victim Node

Loading...
Thumbnail Image
Other Title
Authors
Kolahi, Samad
Barmada, Bashar
Mudaliar, Keysha
Author ORCID Profiles (clickable)
Degree
Grantor
Date
2017-12
Supervisors
Type
Conference Contribution - Paper in Published Proceedings
Ngā Upoko Tukutuku (Māori subject headings)
Keyword
router advertisement (RA) flood attacks
defence mechanisms
IPv6 networks
Linux operating system
ICMPv6 Router Advertisement messages
ANZSRC Field of Research Code (2020)
Citation
Kolahi, S. S., Barmada, B., & Mudaliar, K. (2017, December). Defence mechanisms evaluation against RA flood attacks for Linux-victim node. IEEE (Ed.), Asia-Pacific Signal and Information Processing Association Annual Summit and Conference (APSIPA ASC 2017) (pp.1000 - 1005). 10.1109/APSIPA.2017.8282169.
Abstract
This research evaluates the performance of different defence mechanisms used in IPv6 networks to protect against router advertisement (RA) flood attacks that rely in ICMPv6 Router Advertisement messages to flood the network. Three types of RA flood attacks are considered: the default RA flood attack, RA flood attack with fragmented packets and RA flood attack with extended header packets. The victim machine is considered to be Linux Debian operating system. The defence mechanisms analysed here are: Access Control Lists, Disable Router Discovery, RA Guard, Validate Source MAC and VLAN. The performance is measured according to TCP throughput, TCP round-trip time (RTT) and CPU utilisation.
Publisher
Asia-Pacific Signal and Information Processing Association (APSIPA)
Link to ePress publication
DOI
Copyright holder
Authors
Copyright notice
All rights reserved
Copyright license
Available online at
This item appears in: