Effectiveness of security tools to anomalies on tunneled traffic

Tunneling mechanism has been proven as an option to link the communication between IPv6 networks and IPv4 environments without incurring the high costs of upgrading equipment. However, this mechanism has reduced the network performance and downgrade the level of security if compared to the native IPv6 network. The Transition Mechanism has also become a covert channel for spreading threats without being acknowledged by the network security tools. Even though the issue has been raised in the set of IETF rules, still they do not provide any recommendation to overcome the problem. Based on this reason, this study explored the effectiveness of conventional network security tools to detect any anomalies occurring on a tunneling mechanism especially against packet flooding attack in IPv6 tunneling. In order to achieve this objective, a testbed that has been deployed with conventional firewall and IDS is used to simulate the IPv6 to IPv4 tunneling mechanism, several network attacks are then launched and the network traffic is then captured to be analyzed. The result shows that the firewall with the default settings had blocked all the tunneling packets, while the firewall and IDS with the default rule of set had performed well in IPv4 but not in the IPv6 tunnel

Protocol IPv6 and its implementation scenarios

Tato práce se zabývá síťovým protokolem IPv6 a jeho pozicí v současném Internetu. Teoretická část se věnuje hlavním změnám, které nový protokol do oblasti síťové komunikace přináší – především adresování, formátu datagramů a automatické konfiguraci. Je zde též uvedeno porovnání IPv6 s IPv4. Praktická část zahrnuje připojení k IPv6-Internetu pomocí vybraných přechodových metod, analyzuje jednotlivé metody a uvádí možnosti jejich realizace v závislosti na síťovém prostředí.This thesis deals with IPv6 – the Internet layer protocol and its situation in today’s Internet. In theoretical part are described major changes, which the new protocol brings to networking area – especially addressing, headers format and autoconfiguration. Comparison of IPv6 and IPv4 is also included. Practical part covers connecting to IPv6-Internet with selected transition methods, analyses these methods and features its implementation in dependence on network environment.

Understanding tradeoffs in incremental deployment of new network architectures

Despite the plethora of incremental deployment mechanisms proposed, rapid adoption of new network-layer protocols and architectures remains difficult as reflected by the widespread lack of IPv6 traffic on the Internet. We show that all de-ployment mechanisms must address four key questions: How to select an egress from the source network, how to select an ingress into the destination network, how to reach that egress, and how to reach that ingress. By creating a de-sign space that maps all existing mechanisms by how they answer these questions, we identify the lack of existing mech-anisms in part of this design space and propose two novel approaches: the “4ID ” and the “Smart 4ID”. The 4ID mech-anism utilizes new data plane technology to flexibly decide when to encapsulate packets at forwarding time. The Smart 4ID mechanism additionally adopts an SDN-style control plane to intelligently pick ingress/egress pairs based on a wider view of the local network. We implement these mech-anisms along with two widely used IPv6 deployment mech-anisms and conduct wide-area deployment experiments over PlanetLab. We conclude that Smart 4ID provide better overall performance and failure semantics, and that inno-vations in the data plane and control plane enable straight-forward incremental deployment

Server for Automatic IPv6 Tunnel Connectivity

Velkým problémem dnešního Internetu je blížící se vyčerpání adresního prostoru protokolu IPv4. Tato diplomová práce se zabývá studiem síťového protokolu IPv6 a možnostmi podporujícími rozšíření tohoto protokolu v síti Internetu. Dále studuje speciálně k tomu účelu určenou metodou tunelování AYIYA a způsoby řízení tunelů, obzvláště protokol TIC. Cílem této práce je navrhnut, implementovat, otestovat a nasadit do pilotního provozu serverovou část tunel broker systému, který bude využívat zmíněnou metodu tunelování a bude kompatibilní s volně šiřitelným klientem AICCU. Hlavním přínosem práce je vytvoření otevřeného tunel broker systému. Pilotní provoz v České republice přináší českým uživatelům tunelovaný IPv6 Internet s nízkou latencí.One of the major problems of modern Internet is the upcoming depletion of addressing space in IPv4 protocol. This master thesis focuses on the study of network protocol IPv6, the possibilities of expanding this protocol in the Internet using the appropriate tunelling method and ways of tunnel management, especially the TIC protocol. Major goal of this work is using knowledge of protocols in a design and implementation of the server part of tunnel broker system, which uses mentioned tunneling method and is compatible with the open source client AICCU. Second part of this work deals with testing and pilot deployment of this system. Main benefit consists in creation an open source tunel broker system. Real deployment of this system is particularly advantage for Czech users as a low latency tunnel IPv6 Internet.

Ipv6 Migration Framework For Government Agencies In Malaysia

Malaysia adalah sebahagian daripada negara-negara dunia yang berusaha untuk berhijrah ke protokol Internet Versi 6 (lPv6) Malaysia is involved in the worldwide effort to migrate to IPv6 due to the giobal IPv4 address depletion and other IPv4 limitations as well as to derive IPv6 benefits

A Comprehensive Survey on the Most Important IPv4aaS IPv6 Transition Technologies, their Implementations and Performance Analysis

As the central public IPv4 address pool has already been exhausted, the deployment of IPv6 has become inevitable. However, the users still require IPv4 Internet access due to some IPv4-only applications. The IPv4aaS (IPv4-as-a-Service) IPv6 transition technologies facilitate that ISPs provide IPv4 service to their customers while using only IPv6 in their access and core networks. This paper discusses the widely used IPv4aaS IPv6 transition technologies in ISP/enterprise networks; we explain their operations, advantages, properties and consider their performances. There are currently many IPv6 transition technologies, nevertheless, in this paper, the five most prominent IPv4aaS IPv6 transition technologies are discussed, namely 464XLAT, Dual-Stack Lite, Lightweight 4over6, MAP-E, and MAP-T. Moreover, the deployment and implementations of these technologies are being analysed and inspected. This paper also overviews the benchmarking methodology for IPv6 transition technologies and surveys several papers that investigated metrics and tools utilized in analysing the performance of different IPv6 transition technologies

Migration cost optimization for service provider legacy network migration to software-defined IPv6 network

This is the peer reviewed version of the following article: Dawadi, BR, Rawat, DB, Joshi, SR, Manzoni, P, Keitsch, MM. Migration cost optimization for service provider legacy network migration to software-defined IPv6 network. Int J Network Mgmt. 2021; 31:e2145, which has been published in final form at https://doi.org/10.1002/nem.2145. This article may be used for non-commercial purposes in accordance with Wiley Terms and Conditions for Self-Archiving.[EN] This paper studies a problem for seamless migration of legacy networks of Internet service providers to a software-defined networking (SDN)-based architecture along with the transition to the full adoption of the Internet protocol version 6 (IPv6) connectivity. Migration of currently running legacy IPv4 networks into such new approaches requires either upgrades or replacement of existing networking devices and technologies that are actively operating. The joint migration to SDN and IPv6 network is considered to be vital in terms of migration cost optimization, skilled human resource management, and other critical factors. In this work, we first present the approaches of SDN and IPv6 migration in service providers' networks. Then, we present the common concerns of IPv6 and SDN migration with joint transition strategies so that the cost associated with joint migration is minimized to lower than that of the individual migration. For the incremental adoption of software-defined IPv6 (SoDIP6) network with optimum migration cost, a greedy algorithm is proposed based on optimal path and the customer priority. Simulation and empirical analysis show that a unified transition planning to SoDIP6 network results in lower migration cost.U.S. National Science Foundation (NSF), Grant/Award Number: CNS 1650831 and HRD 1828811; ERASMUS+ KA107; Nepal Academy of Science and Technology (NAST); Norwegian University of Science and Technology; University Grant Commission (UGC), Nepal, Grant/Award Number: FRG/74_75/Engg-1Dawadi, BR.; Rawat, DB.; Joshi, SR.; Manzoni, P.; Keitsch, MM. (2021). Migration cost optimization for service provider legacy network migration to software-defined IPv6 network. International Journal of Network Management. 31(4):1-24. https://doi.org/10.1002/nem.2145S124314APNIC.IPv6 capability measurement.https://stats.labs.apnic.net/ipv6. Accessed April 22 2020.Google Incl. IPv6 user access status.https://www.google.com/intl/en/ipv6/statistics.html. Accessed February 16 2020.Rawat, D. B., & Reddy, S. R. (2017). Software Defined Networking Architecture, Security and Energy Efficiency: A Survey. IEEE Communications Surveys & Tutorials, 19(1), 325-346. doi:10.1109/comst.2016.2618874Dai, B., Xu, G., Huang, B., Qin, P., & Xu, Y. (2017). Enabling network innovation in data center networks with software defined networking: A survey. Journal of Network and Computer Applications, 94, 33-49. doi:10.1016/j.jnca.2017.07.004Kobayashi, M., Seetharaman, S., Parulkar, G., Appenzeller, G., Little, J., van Reijendam, J., … McKeown, N. (2014). Maturing of OpenFlow and Software-defined Networking through deployments. Computer Networks, 61, 151-175. doi:10.1016/j.bjp.2013.10.011Gumaste, A., Sharma, V., Kakadia, D., Yates, J., Clauberg, A., & Voltolini, M. (2017). SDN Use Cases for Service Provider Networks: Part 2. IEEE Communications Magazine, 55(4), 62-63. doi:10.1109/mcom.2017.7901478Dawadi, B. R., Rawat, D. B., & Joshi, S. R. (2019). Software Defined IPv6 Network: A New Paradigm for Future Networking. Journal of the Institute of Engineering, 15(2), 1-13. doi:10.3126/jie.v15i2.27636Shah, J. L., Bhat, H. F., & Khan, A. I. (2019). Towards IPv6 Migration and Challenges. International Journal of Technology Diffusion, 10(2), 83-96. doi:10.4018/ijtd.2019040105Rojas, E., Doriguzzi-Corin, R., Tamurejo, S., Beato, A., Schwabe, A., Phemius, K., & Guerrero, C. (2018). Are We Ready to Drive Software-Defined Networks? A Comprehensive Survey on Management Tools and Techniques. ACM Computing Surveys, 51(2), 1-35. doi:10.1145/3165290Contreras, L. M., Doolan, P., Lønsethagen, H., & López, D. R. (2015). Operational, organizational and business challenges for network operators in the context of SDN and NFV. Computer Networks, 92, 211-217. doi:10.1016/j.comnet.2015.07.016Amin, R., Reisslein, M., & Shah, N. (2018). Hybrid SDN Networks: A Survey of Existing Approaches. IEEE Communications Surveys & Tutorials, 20(4), 3259-3306. doi:10.1109/comst.2018.2837161Audi Marc Amjad A.The Advancement in Information and Communication Technologies (ICT) and Economic Development: A Panel Analysis. MPRA.https://mpra.ub.uni-muenchen.de/93476/. Published 2019. Accessed November 29 2019.Main, A., Zakaria, N. A., & Yusof, R. (2015). Organisation Readiness Factors Towards IPv6 Migration: Expert Review. Procedia - Social and Behavioral Sciences, 195, 1882-1889. doi:10.1016/j.sbspro.2015.06.427Dawadi, B. R., Rawat, D. B., Joshi, S. R., & Baral, D. S. (2019). Affordable Broadband with Software Defined IPv6 Network for Developing Rural Communities. Applied System Innovation, 3(1), 4. doi:10.3390/asi3010004Nikkhah, M. (2016). Maintaining the progress of IPv6 adoption. Computer Networks, 102, 50-69. doi:10.1016/j.comnet.2016.02.027Dell, P. (2018). On the dual-stacking transition to IPv6: A forlorn hope? Telecommunications Policy, 42(7), 575-581. doi:10.1016/j.telpol.2018.04.005GilliganRE NordmarkE GilliganRE et alBasic Transition Mechanisms for IPv6 Hosts and Routers.2000.Cui, Y., Dong, J., Wu, P., Wu, J., Metz, C., Lee, Y. L., & Durand, A. (2013). Tunnel-Based IPv6 Transition. IEEE Internet Computing, 17(2), 62-68. doi:10.1109/mic.2012.63BlanchetM ParentF.IPv6 Tunnel Broker with the Tunnel Setup Protocol (TSP).2010.HuitemaC.Teredo: Tunneling IPv6 over UDP through Network Address Translations (NATs) RFC 4380.2006.CarpenterB MooreK.Connection of IPv6 domains via IPv4 clouds.2001.JungC CarpenterBE.Transmission of IPv6 over IPv4 Domains without Explicit Tunnels.1999.CuiY WuJ LeeY WuP VautrinO.Public IPv4‐over‐IPv6 access Network2013.CuiY SunQ LeeYL TsouT FarrerI BoucadairM.Lightweight 4over6: an extension to the dual‐stack lite Architecture2015.TemplinF GleesonT TalwarM ThalerD.Intra‐Site Automatic Tunnel Addressing Protocol (ISATAP) RFC 5214.2008.DurandA DromsR WoodyattJ LeeY.RFC 6333: Dual‐Stack Lite Broadband Deployments Following IPv4 Exhaustion. IETF Aug.2011.BaoC DecW LiX TroanO MatsushimaS MurakamiT.Mapping of Address and Port with Encapsulation (MAP‐E). IETF Internet Draft.2015.TownsleyW TroanO.IPv6 Rapid Deployment on IPv4 Infrastructures (6rd)‐‐Protocol Specification.2010.ChenM ChenG JiangS LeeY DespresR PennoR.IPv4 Residual Deployment via IPv6‐A Stateless Solution (4rd).2015.WuP CuiY XuM et alPET: Prefixing encapsulation and translation for IPv4‐IPv6 coexistence. In: 2010IEEE Global Telecommunications Conference GLOBECOM2010. 2010:1–5.LiX BaoC ChenM ZhangH WuJ.IVI translation design and deployment for the IPv4/IPv6 coexistence and transition.IETF RFC6219 Internet Eng Task Force Fremont CA.2011.Bagnulo, M., Garcia-Martinez, A., & Van Beijnum, I. (2012). The NAT64/DNS64 tool suite for IPv6 transition. IEEE Communications Magazine, 50(7), 177-183. doi:10.1109/mcom.2012.6231295BagnuloM SullivanA MatthewsP VanBeijnumI.DNS64: DNS extensions for network address translation from IPv6 clients to IPv4 servers RFC 6147.2011.LiuD DengH.NAT46 Considerations.2010.MawatariM KawashimaM ByrneC.464XLAT: Combination of stateful and stateless translation. IETF Internet‐Draft.2013.PerreaultS YamagataI MiyakawaS NakagawaA.Common Requirements for Carrier‐Grade NATs (CGNs) RFC6888.2013.YamaguchiJ ShirasakiY NakagawaA AshidaH.Nat444 addressing models. Req Comments Draft Internet Eng Task Force.2012.ChenG CaoZ XieC BinetD.NAT64 Deployment Options and Experience RFC 7269.2014.LiX BaoC DecW TroanO MatsushimaS MurakamiT.Mapping of Address and Port using Translation (MAP‐T) RFC 7599. IETF Internet Draft.2013.Wu, P., Cui, Y., Wu, J., Liu, J., & Metz, C. (2013). Transition from IPv4 to IPv6: A State-of-the-Art Survey. IEEE Communications Surveys & Tutorials, 15(3), 1407-1424. doi:10.1109/surv.2012.110112.00200Hernandez-Valencia, E., Izzo, S., & Polonsky, B. (2015). How will NFV/SDN transform service provider opex? IEEE Network, 29(3), 60-67. doi:10.1109/mnet.2015.7113227BogineniK et alThe Open Networking Lab (ON.Lab). Introducing ONOS—a SDN network operating system for Service Providers.White Pap.2014;1:14.http://onosproject.org/wp-content/uploads/2014/11/Whitepaper-ONOS-final.pdfTR‐506 O ONF TR‐506.SDN Migration Considerations and Use Cases.2014.https://www.opennetworking.org/wp-content/uploads/2014/10/sb-sdn-migration-use-cases.pdfRisdiantoAC LingTC TsaiP YangC KimJ.Leveraging open‐source software for federated multisite SDN‐cloud playground. In: 2016 IEEE NetSoft Conference and Workshops (NetSoft). ;2016:423‐427.https://doi.org/10.1109/NETSOFT.2016.7502479GalizaH SchwarzM BezerraJ IbarraJ.Moving an ip network to sdn: a global use case deployment experience at amlight. In:Anais Do WPEIF2016Workshop de Pesquisa Experimental Da Internet Do Futuro: 15.LevinD CaniniM SchmidS SchaffertF Feldmann A.Panopticon: Reaping the Benefits of Incremental {SDN} Deployment in Enterprise Networks. In: 2014 {USENIX} Annual Technical Conference ({USENIX}{ATC} 14). ;2014:333–345.Vissicchio, S., Tilmans, O., Vanbever, L., & Rexford, J. (2015). Central Control Over Distributed Routing. ACM SIGCOMM Computer Communication Review, 45(4), 43-56. doi:10.1145/2829988.2787497Huang, X., Cheng, S., Cao, K., Cong, P., Wei, T., & Hu, S. (2019). A Survey of Deployment Solutions and Optimization Strategies for Hybrid SDN Networks. IEEE Communications Surveys & Tutorials, 21(2), 1483-1507. doi:10.1109/comst.2018.2871061Csikor, L., Szalay, M., Retvari, G., Pongracz, G., Pezaros, D. P., & Toka, L. (2020). Transition to SDN is HARMLESS: Hybrid Architecture for Migrating Legacy Ethernet Switches to SDN. IEEE/ACM Transactions on Networking, 28(1), 275-288. doi:10.1109/tnet.2019.2958762Dawadi, B. R., Rawat, D. B., Joshi, S. R., & Manzoni, P. (2020). Legacy Network Integration with SDN-IP Implementation towards a Multi-Domain SoDIP6 Network Environment. Electronics, 9(9), 1454. doi:10.3390/electronics9091454HongDK MaY BanerjeeS MaoZM.Incremental deployment of SDN in hybrid enterprise and ISP networks. In: Proceedings of the Symposium on SDN Research. 2016:1‐7.Karakus, M., & Durresi, A. (2018). Economic Viability of Software Defined Networking (SDN). Computer Networks, 135, 81-95. doi:10.1016/j.comnet.2018.02.015Rizvi, S. N., Raumer, D., Wohlfart, F., & Carle, G. (2015). Towards carrier grade SDNs. Computer Networks, 92, 218-226. doi:10.1016/j.comnet.2015.09.029Sezer, S., Scott-Hayward, S., Chouhan, P., Fraser, B., Lake, D., Finnegan, J., … Rao, N. (2013). Are we ready for SDN? Implementation challenges for software-defined networks. IEEE Communications Magazine, 51(7), 36-43. doi:10.1109/mcom.2013.6553676Raza, M. H., Sivakumar, S. C., Nafarieh, A., & Robertson, B. (2014). A Comparison of Software Defined Network (SDN) Implementation Strategies. Procedia Computer Science, 32, 1050-1055. doi:10.1016/j.procs.2014.05.532Goransson, P., & Black, C. (2014). SDN in the Data Center. Software Defined Networks, 145-167. doi:10.1016/b978-0-12-416675-2.00007-3AT & T.Introducing the “User Defined Network Cloud”.https://about.att.com/newsroom/introducing_the_user_defined_network_cloud.html. Published 2014. Accessed August 12 2018.CsikorL TokaL SzalayM PongráczG PezarosDP RétváriG.HARMLESS: Cost‐effective transitioning to SDN for small enterprises. In: 2018 IFIP Networking Conference (IFIP Networking) and Workshops. ; 2018:1–9.ON.LAB.Driving SDN Adoption in Service Provider Networks.2014.http://onosproject.org/wp-content/uploads/2014/11/Whitepaper-Service-Provider-SDN-final.pdfBabikerH NikolovaI ChittimaneniKKK.Deploying IPv6 in the Google Enterprise Network. Lessons learned. In:LISA'11 Proceedings of the 25th International Conference on Large Installation System Administration 2011:10.ParkHW HwangISLS LeeJR.Study on the sustainable migration to software defined network for nation‐wide R&E network.Proc—201610th Int Conf Innov Mob Internet Serv Ubiquitous Comput IMIS2016.2016:392‐396.https://doi.org/10.1109/IMIS.2016.117CariaM JukanA HoffmannM.A performance study of network migration to SDN‐enabled traffic engineering. In:2013 IEEE Global Communications Conference (GLOBECOM); 2013:1391‐1396.Sandhya, Sinha, Y., & Haribabu, K. (2017). A survey: Hybrid SDN. Journal of Network and Computer Applications, 100, 35-55. doi:10.1016/j.jnca.2017.10.003LENCSE, G., & KADOBAYASHI, Y. (2019). Comprehensive Survey of IPv6 Transition Technologies: A Subjective Classification for Security Analysis. IEICE Transactions on Communications, E102.B(10), 2021-2035. doi:10.1587/transcom.2018ebr0002NIST.Technical and Economic Assessment of Internet Protocol Verson 6 9IPv6.2006.https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=912231NIST.IPv6 Economic Impact Assessment. NY;2005.https://www.nist.gov/system/files/documents/director/planning/report05-2.pdfDasT CariaM JukanA HoffmannM.A Techno‐economic Analysis of Network Migration to Software‐Defined Networking.2013.http://arxiv.org/abs/1310.0216Das, T., Drogon, M., Jukan, A., & Hoffmann, M. (2014). Study of Network Migration to New Technologies Using Agent-Based Modeling Techniques. Journal of Network and Systems Management, 23(4), 920-949. doi:10.1007/s10922-014-9327-3Yuan, T., Huang, X., Ma, M., & Zhang, P. (2017). Migration to software-defined networks: The customers’ view. China Communications, 14(10), 1-11. doi:10.1109/cc.2017.8107628TürkS LiuY RadekeR LehnertR.Network migration optimization using genetic algorithms. In: Meeting of the European Network of Universities and Companies in Information and Communication Engineering. 2012:112–123.Türk, S. (2014). Network migration optimization using meta-heuristics. AEU - International Journal of Electronics and Communications, 68(7), 584-586. doi:10.1016/j.aeue.2014.04.005TürkS RadekeR LehnertR.Network migration using ant colony optimization. In:2010 9th Conference of Telecommunication Media and Internet; 2010:1–6.TurkS LiuH RadekeR LehnertR.Improving network migration optimization utilizing memetic algorithms. In: Global Information Infrastructure Symposium—GIIS 2013. 2013:1‐8.https://doi.org/10.1109/GIIS.2013.6684345ShayaniD Mas MachucaC JagerM GladischA.Cost analysis of the service migration problem between communication platforms. In: NOMS 2008–2008 IEEE Network Operations and Management Symposium. 2008:734‐737.https://doi.org/10.1109/NOMS.2008.4575201Shayani, D., Mas Machuca, C., & Jager, M. (2010). A techno-economic approach to telecommunications: the case of service migration. IEEE Transactions on Network and Service Management, 7(2), 96-106. doi:10.1109/tnsm.2010.06.i8p0297Naudts, B., Kind, M., Verbrugge, S., Colle, D., & Pickavet, M. (2015). How can a mobile service provider reduce costs with software-defined networking? International Journal of Network Management, 26(1), 56-72. doi:10.1002/nem.1919Dawadi, B. R., Rawat, D. B., & Joshi, S. R. (2019). Evolutionary Dynamics of Service Provider Legacy Network Migration to Software Defined IPv6 Network. Advances in Intelligent Systems and Computing, 245-257. doi:10.1007/978-3-030-19861-9_24BezrukVM ChebotarovaD V KaliuzhniyNM QiangG YuZ.Optimization and mathematical modeling of communication networks.Monogr—Open Electron Arch Kharkov Natl Univ Radio Electron.2019.http://openarchive.nure.ua/handle/document/10121Omantek. Open‐AudIT: Device Information Management System.https://www.open-audit.org/about.phpNet. Inventory Advisor.Network Inventory Software.https://www.network-inventory-advisor.com/. Accessed December 3 2019.OCS‐Inventory. OCSING: Open Inventory Next Generation.https://ocsinventory-ng.org/?lang=en. Accessed December 3 2019.Group MW. Migration Use Cases and Methods Migration Working Group Open Networking Foundation Use Cases and Migration Methods 2.www.opennetworking.orgSohn, S. Y., & Kim, Y. (2011). Economic Evaluation Model for International Standardization of Correlated Technologies. IEEE Transactions on Engineering Management, 58(2), 189-198. doi:10.1109/tem.2010.2058853ONF TS‐006.OpenFlow 1.3 Switch Specification.2012.https://www.opennetworking.org/wp-content/uploads/2014/10/openflow-spec-v1.3.0.pdfMahlooM MontiP ChenJ WosinskaL.Cost modeling of backhaul for mobile networks. In: 2014 IEEE International Conference on Communications Workshops (ICC). 2014:397–402.https://doi.org/10.1109/ICCW.2014.6881230DawadiBR RawatDB JoshiSR KeitschMM.Joint cost estimation approach for service provider legacy network migration to unified software defined IPv6 network. In: Proceedings—4th IEEE International Conference on Collaboration and Internet Computing CIC 2018.2018.https://doi.org/10.1109/CIC.2018.00056FengT BiJ.OpenRouteFlow: Enable legacy router as a software‐defined routing service for hybrid SDN. In: 2015 24th International Conference on Computer Communication and Networks (ICCCN).2015:1–8.MachucaCM EberspaecherJ JägerM GladischA.Service migration cost modeling. In: 2007 ITG Symposium on Photonic Networks. ; 2007:1–5.Poularakis, K., Iosifidis, G., Smaragdakis, G., & Tassiulas, L. (2019). Optimizing Gradual SDN Upgrades in ISP Networks. IEEE/ACM Transactions on Networking, 27(1), 288-301. doi:10.1109/tnet.2018.2890248Galán-Jiménez, J. (2017). Legacy IP-upgraded SDN nodes tradeoff in energy-efficient hybrid IP/SDN networks. Computer Communications, 114, 106-123. doi:10.1016/j.comcom.2017.10.010Vizarreta, P., Trivedi, K., Helvik, B., Heegaard, P., Blenk, A., Kellerer, W., & Mas Machuca, C. (2018). Assessing the Maturity of SDN Controllers With Software Reliability Growth Models. IEEE Transactions on Network and Service Management, 15(3), 1090-1104. doi:10.1109/tnsm.2018.2848105Salsano, S., Ventre, P. L., Lombardo, F., Siracusano, G., Gerola, M., Salvadori, E., … Prete, L. (2016). Hybrid IP/SDN Networking: Open Implementation and Experiment Management Tools. IEEE Transactions on Network and Service Management, 13(1), 138-153. doi:10.1109/tnsm.2015.2507622DasT GurusamyM.Resilient Controller Placement in Hybrid SDN/Legacy Networks. In: 2018 IEEE Global Communications Conference (GLOBECOM). 2018:1–7.DasT GurusamyM.INCEPT: INcremental ControllEr PlacemenT in software defined networks. In: 2018 27th International Conference on Computer Communication and Networks (ICCCN). 2018:1–6

Integração de IPv6 em um ambiente cooperativo seguro

Orientador: Paulo Licio de GeusDissertação (mestrado) - Universidade Estadual de Campinas, Instituto de ComputaçãoResumo: A Internet cresceu na comunidade acadêmica, de modo que mecanimos de segurança não eram parte do protocolo original IP e do projeto de serviços. Durante a discussão de redefinição do atual Protocolo Internet (1Pv4), se tomou claro que o novo projeto (1Pv6) deveria incorporar algumas características básicas de segurança. A intenção era que estas características provessem autenticidade, privacidade e um nível mínimo de segurança contra muitos ataques baseados no IP. A provisão de características de segurança em 1Pv6 (IPSec) é um passo importante em direção a prover segurança nativa na Internet. Entretanto, IPSec não é a solução para todos os problemas de segurança. O objetivo deste trabalho é analisar as implicações da adoção de 1Pv6 em Ambientes Cooperativos Seguros, particularmente do IPSec, que provê um framework nativo de segurança para a camada IP, assim como para as camadas acima. Será visto que a característica de criptografia fim-a-fim do IPSec impossibilita a utilização efetiva de vários mecanismos de segurança consolidados em Ambientes Cooperativos Seguros atuais (1Pv4). Considerando que uma rede IPv6 não será efetivamente útil se não permitir a ocorrência de comunicação com outras redes na Internet, tanto 1Pv4 quanto 1Pv6, este trabalho também objetiva estudar os cenários de integração entre redes 1Pv6 e 1Pv4 bem como os mecanismos de transição aplicáveis a cada cenárioAbstract: The Internet grew up within the academic community in such a manner that security mechanisms were neither required nor incorporated into the original IP protocol. During the discussions to redefine and improve the actual internet protocol (IPv4), it became clear that the new project (IPv6) should incorporate some basic security characteristics. The intention was that these characteristics would provide authentication, privacy and a minimum level of security against attacks based on the protocol IP. Providing security characteristics in IPv6 (IPSec) is an important step in the direction of providing native security on the Internet. However, IPSec, does not provide a solution for all security problems that might happen when accessing the Internet. The aim of this work is to analyze the implications of the adoption of IPv6 in Secure Cooperative Environments, in particular IPSec, which provides the native security framework in the network layer, as well as the layers above it. It will be seen that the adoption of IPSec and its characteristic of end-to-end encryption, does have drawbacks since it is incompatible with the consolidated security mechanisms used currently in Secure Cooperative Environrnents (IPv4). Considering that IPv6 networks must be compatible with the existing IPv4 networks used in the Internet in order to have a gradual transition between both protocols, this work also discusses the scenarios involved when integrating the two protocols and the transition mechanisms that are relevant to each scenarioMestradoMestre em Ciência da Computaçã