An ICMPv6 threat model / Wan Nor Ashiqin Wan Ali

Wan Ali, Wan Nor Ashiqin (2015) An ICMPv6 threat model / Wan Nor Ashiqin Wan Ali. Masters thesis, Universiti Teknologi MARA.

[img] Text
TM_WAN NOR ASHIQIN WAN ALI CS 15_5.pdf

Download (1MB)

Abstract

Enterprises are required to utilize Internet Control Message Protocol version 6 (ICMPv6) when IPv6 is deployed. In IPv4, Internet Control Message Protocol (ICMP) is aggressively filtered by a network administrator while in IPv6, 1CMPv6 messages cannot be aggressively filtered due to the function of ICMPv6 message. ICMPv6 security risks increase when ICMPv6 threats and vulnerabilities are exploited. Thus, it is very crucial for enterprises to address the issues. In practice, network researchers must review several resources to identify ICMPv6 related attacks occurring due to the exploitation of ICMPv6 vulnerabilities. Overlooking any of these issues will jeopardize the security of ICMPv6. Currently, with the absence of ideal ICMPv6 threat model to identify and trace ICMPv6 threats, the possibility for a network to be attacked may increase. Therefore, this research aims to design and propose ICMPv6 threat model by applying the threat modeling steps. Then, attack scenario testing was conducted to validate the significance of the ICMPv6 threat model. While conducting the testing, !Pv6-Filtering Prototype System (I6-FPS) was developed to overcome the deficiency and limited filtering tools that supported IPv6. I6-FPS is used to automate and simplify the writing of IPv6 filtering rules (ip6tables) and it was developed using PHP5 and Shell script languages. Overall, this research revealed that ICMPv6 threat model and 16-FPS are significant in the initial phase of securing IPv6 deployment With the ICMPv6 threat model, enterprises are able to trace and tackle ICMPv6 threats and vulnerabilities in the IPv6 deployment. The ICMPv6 threat model has the potential to be extended by including more threats and vulnerabilities since the threat model is considered to be an iterative procedure that could be enhanced and developed over time

Item Type: Thesis (Masters)
Creators:
CreatorsID Num.
Wan Ali, Wan Nor AshiqinUNSPECIFIED
Subjects: Q Science > QA Mathematics > Instruments and machines > Electronic computers. Computer science > Neural networks (Computer science)
Q Science > QA Mathematics > Instruments and machines > Electronic computers. Computer science > Neural networks (Computer science)

T Technology > TK Electrical engineering. Electronics. Nuclear engineering > Telecommunication > Web servers. Internet
Divisions: Faculty of Computer and Mathematical Sciences
Item ID: 15285
Uncontrolled Keywords: Internet Control Message Protocol version 6, ICMPv6, internet, network
Last Modified: 17 Nov 2016 09:42
Depositing User: Staf Pendigitalan 2
URI: http://ir.uitm.edu.my/id/eprint/15285

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year