An ICMPv6 threat model / Wan Nor Ashiqin Wan Ali

Enterprises are required to utilize Internet Control Message Protocol version 6 (ICMPv6) when IPv6 is deployed. In IPv4, Internet Control Message Protocol (ICMP) is aggressively filtered by a network administrator while in IPv6, 1CMPv6 messages cannot be aggressively filtered due to the function of ICMPv6 message. ICMPv6 security risks increase when ICMPv6 threats and vulnerabilities are exploited. Thus, it is very crucial for enterprises to address the issues. In practice, network researchers must review several resources to identify ICMPv6 related attacks occurring due to the exploitation of ICMPv6 vulnerabilities. Overlooking any of these issues will jeopardize the security of ICMPv6. Currently, with the absence of ideal ICMPv6 threat model to identify and trace ICMPv6 threats, the possibility for a network to be attacked may increase. Therefore, this research aims to design and propose ICMPv6 threat model by applying the threat modeling steps. Then, attack scenario testing was conducted to validate the significance of the ICMPv6 threat model. While conducting the testing, !Pv6-Filtering Prototype System (I6-FPS) was developed to overcome the deficiency and limited filtering tools that supported IPv6. I6-FPS is used to automate and simplify the writing of IPv6 filtering rules (ip6tables) and it was developed using PHP5 and Shell script languages. Overall, this research revealed that ICMPv6 threat model and 16-FPS are significant in the initial phase of securing IPv6 deployment With the ICMPv6 threat model, enterprises are able to trace and tackle ICMPv6 threats and vulnerabilities in the IPv6 deployment. The ICMPv6 threat model has the potential to be extended by including more threats and vulnerabilities since the threat model is considered to be an iterative procedure that could be enhanced and developed over time