A New Approach Of Network Intrusion Detection In 6TO4 Tunneling

Hirzan, Alauddin Maulana (2017) A New Approach Of Network Intrusion Detection In 6TO4 Tunneling. Masters thesis, Universiti Teknikal Malaysia Melaka.

[img] Text (24 Pages)
A New Approach Of Network Intrusion Detection In 6TO4 Tunneling - Alauddin Maulana Hirzan - 24 Pages.pdf - Submitted Version

Download (252kB)
[img] Text (Full Text)
A New Approach Of Network Intrusion Detection In 6TO4 Tunneling.pdf - Submitted Version
Restricted to Registered users only

Download (1MB)


Recent growth of internet users which almost reach the limit of IPv4 address space, make engineers must implement IPv6 to the system. However, the implementation of IPv6 is not easy due to many reasons like compatibility of hardware. Hence, transition mechanisms were proposed to help migration process from IPv4 to IPv6 network. However, there are security considerations of this mechanism due to the double encapsulation of packets. Basically, this mechanism encapsulates IPv6 packets with IPv4 datagram to allow transmission. Attacker from IPv6 network can use this tunneling mechanism to send intrusion without being detected by Network Intrusion Detection System. Normally NIDS only capable to decapsulate packet once, and NIDS like Snort cannot detect payload with protocol 41. Thus, a new approach is needed to handle decapsulation of second layer of packet, and extraction for the needed information for detection. This design adds a secondary decapsulation process of NIDS when NIDS detects a 6to4 packets. The design will decapsulate the second layer, and extract the information from the payload and continue to the detection process. The detection process itself is signature-based, where intrusions’ unique and repetitive information are defined inside the ruleset. The design implemented to Java-based NIDS for testing purpose, and run under attack simulations. According to the test, all attacks are detected as True Positive detection with several reply packets detected as False Negative detection.

Item Type: Thesis (Masters)
Uncontrolled Keywords: Internet, Security measures, Electronic countermeasures, Computer security, Computer networks, Security measures
Subjects: T Technology > T Technology (General)
T Technology > TK Electrical engineering. Electronics Nuclear engineering
Divisions: Library > Tesis > FTMK
Depositing User: Nor Aini Md. Jali
Date Deposited: 25 Apr 2018 09:21
Last Modified: 03 Feb 2022 11:17
URI: http://eprints.utem.edu.my/id/eprint/20748
Statistic Details: View Download Statistic

Actions (login required)

View Item View Item