Netinfo Security ›› 2020, Vol. 20 ›› Issue (3): 83-89.doi: 10.3969/j.issn.1671-1122.2020.03.011

Previous Articles     Next Articles

IPv6 Network Attack Source Tracing Method Based on iTrace_v6

WANG Tengfei, CAI Manchun(), LU Tianliang, YUE Ting   

  1. People’s Public Security University of China, Beijing 100076, China
  • Received:2019-10-15 Online:2020-03-10 Published:2020-05-11

Abstract:

Network attack traceback technology, as an active security defense countermeasure technology, is an important technical means for emergency response in the information security technology system. Network attack traceability technology for IPv4 networks has a lot of research results, but due to the limited computing power of routers, some factors have a large negative impact on the link, and the log system is difficult to deploy. Some source tracing technologies can only stagnate in the experimental verification stage. Some established network attack retrospective systems also have shortcomings such as large storage overhead and requiring more manual intervention. In IPv6 networks, IP datagram formats, routing protocols, etc. have undergone major changes, and the emergence of new neighbor discovery protocols has made network attack methods more diverse. IPv6 networks urgently need efficient and stable methods for tracing the source of network attacks. Combining the characteristics of IPv6 networks, this paper proposes an IPv6 network attack traceability solution based on iTrace_v6, which improves the efficiency of generating traceability packets through a dual trigger mechanism. It can complete the restoration of the attack path while significantly reducing the dependence on attack duration. The use of thresholds to avoid the negative impact on the network link. The simulation of the network based on NS3 shows that iTrace_v6 has better performance than the existing algorithms.

Key words: traceback, network attacks, IPv6, iTrace_v6

CLC Number: