Security Mechanisms For The Ipv4 To Ipv6 Transition.

Transition from lpv4 to lpv6 has been made possible through various transition mechanisms, categorized as dual-stack tunneling and translation. However, period of transition may take years to complete which both protocols will coexist due to Internet services deployed are widely in lpv4

lPv6 Transition: Why A New Security Mechanisms Model Is Necessary.

This paper describes the scenario in the transition oflpv4 to lpv6 with focusing on the security issues involved in each of the transition methods: dual stack and tunneling. Then, the paper analyze the existing security mechanisms available and identify new considerations for a new security model

Traffic measurement and analysis of Wide Area Network (WAN) link usage: a case study of UiTM Perlis campus network / Abidah Mat Taib, Rafiza Ruslan and Abdul Hadi Kamel Abdullah

Network users normally will start complaining when the response time for the network access is intolerable or their network access is intermittently interrupted due to unclear reasons. Knowing how the network bandwidth is being utilized by the users will give the administrator some ideas of possible reasons for the network access problems and how to alleviate the problems. Some users may just use the network for running non bandwidth intensive applications like email and telnet and some users may use the network for running bandwidth intensive application such as video streaming and downloading big files using ftp application. Many users may visit popular web sites that are not related to their work during office hours. The above information about bandwidth utilization on a network link can be acquired through measurement and analysis of the network traffic that pass through the link. This paper discuss real time passive measurement of the network traffic on the WAN link that connects UiTM Perlis campus network to the main campus of UiTM in Shah Alam. The analysis of the traffic helped us to know some aspects of the WAN link utilization. This includes the average bandwidth utilization, popular application layer protocols and popular websites among different user segments and also some anomalies found in the captured trace

Enhanced risk assessment equation for IPV6 deployment

Deploying IPv6 concomitant with the emerging technologies exposes the enterprise networks to the unforeseen threats as well as the existing threats.In mitigating the threats, calculating the risks value for each of the identified threats is vital. However, the existing equation for risk assessment is inappropriate to be applied in assessing the risks in IPv6 because of their limitation in asset determination.Therefore, this paper highlights the modification made in the existing risk assessment equation.The enhanced risk assessment equation is used to calculate the risk value for IPv6 deployment.The enhanced equation adapts three elements: confidentiality, integrity and availability in achieving security goals. The importance of having the enhanced equation is it enables the network administrator to calculate the potential risks for each of the potential IPv6 attack.Securing the enterprise networks is an iterative process that has no ended points. Hence, it is crucial to modify and adapt a proper equation when performing the risk assessment.In the future, more experiments will be conducted to test for feasibility of the equation

I6-FPS: Automating the ICMPv6 Filtering Rules

Enterprises are required to utilize Internet Control Message Protocol version 6 (ICMPv6) when IPv6 is deployed. In IPv4, Internet Control Message Protocol (ICMP) is aggressively filtered by a network administrator while in IPv6, ICMPv6 messages cannot be aggressively filtered due to the function of ICMPv6 message. ICMPv6 security risks increase when ICMPv6 threats and vulnerabilities are exploited. Thus, it is very crucial for enterprises to address the issues. In practice, network researchers must review several resources to identify ICMPv6 related attacks occurring due to the exploitation of ICMPv6 vulnerabilities. Overlooking any of these issues will jeopardize the security of ICMPv6. While conducting the attack scenarios testing, IPv6-Filtering Prototype System (I6-FPS) was developed to overcome the deficiency and limited filtering tools that supported IPv6 filtering rules (ip6table). I6-FPS is used to automate and simplify the writing of ip6table and it was developed using PHP5 and Shell script languages. This research revealed that I6-FPS is significant in the initial phase of securing IPv6 deployment as well as focusing on the ICMPv6 filtering rules. The I6-FPS has the potential to be enhanced and developed over time by including more functions to that system in generating specific filtering ip6table rules

Application of Grounded Theory in Determining Required Elements for IPv6 Risk Assessment Equation

The deployment of Internet Protocol version 6 (IPv6) has raised security concerns among the network administrators. Thus, in strengthening the network security, administrator requires an appropriate method to assess the possible risks that occur in their networks. Aware of the needs to calculate risk in IPv6 network, it is essential to an organization to have an equation that is flexible and consider the requirements of the network. However, the existing risk assessment equations do not consider the requirement of the network. Therefore, this paper presents the adaptation of grounded theory to search for elements that are needed to develop IPv6 risk assessment (IRA6) equation. The attack scenarios’ experiments; UDP Flooding, TCP Flooding and Multicast attacks were carried out in different network environment to show how the IPv6 risk assessment equation being used. The result shows that the IRA6 equation is more flexible to be used regardless the network sizes and easier to calculate the risk value compared to the existing risk assessment equations. Hence, network administrators can have a proper decision making and strategic planning for a robust network security

Application of Grounded Theory in Determining Required Elements for IPv6 Risk Assessment Equation

The deployment of Internet Protocol version 6 (IPv6) has raised security concerns among the network administrators. Thus, in strengthening the network security, administrator requires an appropriate method to assess the possible risks that occur in their networks. Aware of the needs to calculate risk in IPv6 network, it is essential to an organization to have an equation that is flexible and consider the requirements of the network. However, the existing risk assessment equations do not consider the requirement of the network. Therefore, this paper presents the adaptation of grounded theory to search for elements that are needed to develop IPv6 risk assessment (IRA6) equation. The attack scenarios’ experiments; UDP Flooding, TCP Flooding and Multicast attacks were carried out in different network environment to show how the IPv6 risk assessment equation being used. The result shows that the IRA6 equation is more flexible to be used regardless the network sizes and easier to calculate the risk value compared to the existing risk assessment equations. Hence, network administrators can have a proper decision making and strategic planning for a robust network security