The diffusion of mobile devices and technologies supportingtransparent network mobility can have detrimental effects onnetwork security. We describe how an attacker can leverage mobility in IPv6 networks to perpetrate known attackswhile evading detection by state-of-the-art Network IntrusionDetection Systems (NIDSs). We then propose a new defensestrategy based on the exchange of state information amongdistributed NIDSs. We demonstrate the effectiveness of the proposed solution through a prototype implementation, evaluatedexperimentally in a Mobile IPv6 network.
Defeating NIDS evasion in Mobile IPv6 networks / Colajanni, Michele; DAL ZOTTO, Luca; Marchetti, Mirco; Messori, Michele. - STAMPA. - (2011), pp. 1-9. (Intervento presentato al convegno World of Wireless, Mobile and Multimedia Networks (WoWMoM), 2011 IEEE International Symposium on a tenutosi a Lucca nel 2011-June) [10.1109/WoWMoM.2011.5986488].
Defeating NIDS evasion in Mobile IPv6 networks
COLAJANNI, Michele;DAL ZOTTO, LUCA;MARCHETTI, Mirco;MESSORI, MICHELE
2011
Abstract
The diffusion of mobile devices and technologies supportingtransparent network mobility can have detrimental effects onnetwork security. We describe how an attacker can leverage mobility in IPv6 networks to perpetrate known attackswhile evading detection by state-of-the-art Network IntrusionDetection Systems (NIDSs). We then propose a new defensestrategy based on the exchange of state information amongdistributed NIDSs. We demonstrate the effectiveness of the proposed solution through a prototype implementation, evaluatedexperimentally in a Mobile IPv6 network.Pubblicazioni consigliate
I metadati presenti in IRIS UNIMORE sono rilasciati con licenza Creative Commons CC0 1.0 Universal, mentre i file delle pubblicazioni sono rilasciati con licenza Attribuzione 4.0 Internazionale (CC BY 4.0), salvo diversa indicazione.
In caso di violazione di copyright, contattare Supporto Iris