dc.contributor.advisor |
Brownlee, N |
en |
dc.contributor.author |
Hu, Qinwen |
en |
dc.date.accessioned |
2016-12-20T20:24:05Z |
en |
dc.date.issued |
2016 |
en |
dc.identifier.uri |
http://hdl.handle.net/2292/31460 |
en |
dc.description.abstract |
Since about 2000, the Internet has become part of our daily lives. IPv4 has been the main protocol used for the current Internet structure. However, the size of the address space in IPv4, which limits the number of available addresses does not meet the growth needs of the Internet. IPv6 is designed to support the accelerated growth of internet enabled applications and devices. Moreover, this new protocol is expected to solve many problems in the existing IPv4 networks, and, most importantly, make the Internet more secure. From the security perspective, IPv6 is similar to IPv4 with larger addresses that may stop attackers from finding a target host using only the traditional reconnaissance technologies. However, such defensive obscurity depends upon how network administrators assign IPv6 addresses. In this study, we consider the trend of how different address allocation mechanisms are performed in last ve years and how feasible it is to discover IPv6 hosts from the public DNS servers, by launching two large-scale surveys. Our results show that IPv6 assignment has become more secure compared to the results from the past five years. However, we detected some potential issues in current DNS reverse zone deployment; we provide some recommendations for planning and deploying IPv6 addresses. Furthermore, We discussed what are the key architecture considerations for using open source Intrusion Detection Systems (IDSs) in a high speed network, and how an open source IDS should be designed to more readily facilitate new emerging IPv6 attacks. We designed and proposed a new solution for detecting the IPv6 DNS reconnaissance attack. We demonstrated the feasibility, or otherwise, of implementing this new mechanism in the three IDSs, and we demonstrated strengths and weaknesses of implementing this new detection approach in three IDSs. We suggest that IDS developers should release more IPv6 rules or policies to handle emerging IPv6 threats. All the experimental environments and tools used in this study are explained in the thesis. |
en |
dc.publisher |
ResearchSpace@Auckland |
en |
dc.relation.ispartof |
PhD Thesis - University of Auckland |
en |
dc.relation.isreferencedby |
UoA99264883106102091 |
en |
dc.rights |
Items in ResearchSpace are protected by copyright, with all rights reserved, unless otherwise indicated. Previously published items are made available in accordance with the copyright policy of the publisher. |
en |
dc.rights.uri |
https://researchspace.auckland.ac.nz/docs/uoa-docs/rights.htm |
en |
dc.rights.uri |
http://creativecommons.org/licenses/by-nc-sa/3.0/nz/ |
en |
dc.title |
IPv6 Network Security Monitoring: Similarities and Differences from IPv4 |
en |
dc.type |
Thesis |
en |
thesis.degree.discipline |
Computer Science |
en |
thesis.degree.grantor |
The University of Auckland |
en |
thesis.degree.level |
Doctoral |
en |
thesis.degree.name |
PhD |
en |
dc.rights.holder |
Copyright: The author |
en |
dc.rights.accessrights |
http://purl.org/eprint/accessRights/OpenAccess |
en |
pubs.elements-id |
603145 |
en |
pubs.record-created-at-source-date |
2016-12-21 |
en |
dc.identifier.wikidata |
Q112931081 |
|