The deployment of Internet Protocol version 6 (IPv6) has raised security concerns among the network administrators. Thus, in strengthening the network security, administrator requires an appropriate method to assess the possible risks that occur in their networks. Aware of the needs to calculate risk in IPv6 network, it is essential to an organization to have an equation that is flexible and consider the requirements of the network. However, the existing risk assessment equations do not consider the requirement of the network. Therefore, this paper presents the adaptation of grounded theory to search for elements that are needed to develop IPv6 risk assessment (IRA6) equation. The attack scenarios’ experiments; UDP Flooding, TCP Flooding and Multicast attacks were carried out in different network environment to show how the IPv6 risk assessment equation being used. The result shows that the IRA6 equation is more flexible to be used regardless the network sizes and easier to calculate the risk value compared to the existing risk assessment equations. Hence, network administrators can have a proper decision making and strategic planning for a robust network security.
Escalation of Internet-of-Thing (IoT) may cause internet users being exposed to IPv6 security issues. End-to-end connection feature in IPv6 can be misused by attackers to flood targeted host. Using User Datagram Protocol (UDP), attackers can certainly congest the network by injecting UDP packets during network communication. This will introduce risk if there is no precaution step taken. Enhanced risk assessment equation can be adopted to mitigate the perils. Thus, this paper presents the use of enhanced risk assessment equation to identify risk value that is caused by UDP flooding attack. The attack was simulated using OMNeT++ simulation software. The inputs that were considered in the enhanced equation are based on the features of the tested network scenarios. The obtained risk value can be used in determining appropriate mitigation techniques that help the organization in maintaining and strengthening their network. It also offers organization to secure their network resources and assets. Furthermore, this paper also reveals that the enhanced risk assessment equation is flexible to be used in any situation. Hereafter, more IPv6 based protocols will be tested to measure the capability of using the enhanced equation.
Every device on earth these days is associated with the Internet which brings humans an advancement of communication. Nonetheless, this technology discloses the user to the security threat. Barely users are sensitive that their data are being monitored by Internet Service Providers (ISPs) and other third-party companies. Furthermore, every webpage they visit, each information they fill in the search box are being monitored by a third-party company that wanted to know the user's interest and then will pop up advertisement which related to the user's interest. This turns into the issue when the third party has all the sensitive information and misuses it in unethical manners. Thus, it is the reason why a device that can protect the user is needed. A device with a capability to conceal the user's Internet Protocol (IP) and protect the user from any tracker and advertisement from the internet is proposed in this project. Hiding the user's IP address can be done by masking it with the OpenVPN server that is deployed in another country than making it safe for the user from being tracked by an attacker. Besides, blocking any Domain Name System (DNS) request for known tracking and advertising domain is achieved by using the Pi-Hole project that is being maintained by the online community. Along with that, the implementation of OSSEC IPS inside the Raspberry Pi has successfully prevented the brute force attack from inside the network to provide additional protection. The device with these integrated features is called VPiSec. Then, the network performance in terms of speed during the uploading and downloading before and after applying VPiSec is evaluated to see whether it is degraded. The findings show that there is no significant difference in terms of uploading and downloading speed without and with the application of WPiSec. Thus, users gained secure network activities while enjoying a smooth network performance.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.