Sangam: A Confluence of Knowledge Streams

The Unexplored Impact of IPv6 on Intrusion Detection Systems

Show simple item record

dc.contributor Beverly, Robert
dc.contributor Fulp, J.D.
dc.contributor Computer Science
dc.creator Gehrke, Keith A.
dc.date Mar-12
dc.date 2012-05-14T18:55:45Z
dc.date 2012-05-14T18:55:45Z
dc.date 2012-03
dc.date.accessioned 2022-05-19T07:36:11Z
dc.date.available 2022-05-19T07:36:11Z
dc.identifier http://hdl.handle.net/10945/6800
dc.identifier.uri http://localhost:8080/xmlui/handle/CUHPOERS/100072
dc.description With DoD networks steadily adopting and transitioning to the next generation Internet Protocol, IPv6, careful consideration must be given to IPv6-specific implications on network protection. While Network Intrusion Detection Systems (NIDS) assist in protecting current IPv4 DoD networks, NIDS performance in operational DoD IPv6 environments is largely unknown. As a step toward more rigorous NIDS evaluation, we investigate the extent to which known IPv4 attacks are able to evade detection when converted to equivalent IPv6 attacks. Utilizing 13 general attack classes, we test the IPv6 readiness of two popular open source NIDSs: SNORT and BRO. Attacks in each class are evaluated in a virtual test bed that models both “native” and “transitional” networks. In the native IPv6 environment, we achieve a 95% detection rate for SNORT as compared to 8% with BRO. In addition, we discover a bug in SNORT where a carefully crafted IPv6 packet causes the NIDS to fail open, allowing full circumvention. Our findings suggest that, with respect to IPv6, both NIDS signatures and NIDS software require additional testing and evaluation to be operationally ready.
dc.description http://archive.org/details/theunexploredimp109456800
dc.description Lieutenant, United States Navy
dc.format application/pdf
dc.publisher Monterey, California. Naval Postgraduate School
dc.title The Unexplored Impact of IPv6 on Intrusion Detection Systems
dc.type Thesis


Files in this item

Files Size Format View
12Mar_Gehrke.pdf 2.324Mb application/pdf View/Open

This item appears in the following Collection(s)

Show simple item record

Search DSpace


Advanced Search

Browse