Mechanism to prevent the abuse of IPv6 fragmentation in OpenFlow networks

Al-Ani, Ayman; Anbar, Mohammed; Laghari, Shams A.; Al-Ani, Ahmed

doi:10.1371/journal.pone.0232574

Cited by 6 publications

(8 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In order to successfully carry out cyber-attacks on SECS/GEM communications, it is important to eavesdrop and capture the packets while in transit and then modify them to launch attacks such as DoS attack, replay attack, and FDIA. For this purpose, the Python-based Scapy tool is used to capture, modify, and transmit forged packets to the target entity [26]. The attacks were repeated 30 times for each attack scenario, and results were measured for each process.…”

Section: Experiments and Resultsmentioning

confidence: 99%

Cyberattacks and Vociferous Implications on SECS/GEM Communications in Industry 4.0 Ecosystem

Laghari¹,

Manickam²,

Karuppayah³

et al. 2021

IJACSA

Self Cite

View full text Add to dashboard Cite

Information and communications technology (ICT)is prevalent in almost every field of industrial production and manufacturing processes at present. A typical industry network consists of sensors, actuators, devices, and services to connect, track, and manage production processes to increase performance and boost productivity. The SEMI Equipment Communications Standard/Generic Equipment Model (SECS/GEM) is SEMI's Machine-to-Machine (M2M) protocol for equipment-to-host data communications. It is the most popular and profoundly used M2M communication protocol operating in the manufacturing industry. With Industry 4.0 as a guiding factor, connectivity to business networks is required for accessing real-time data whenever and wherever needed. This openness of connectivity raises security concerns as SECS/GEM protocol offers no security, which endangers exposing the manufacturing industries' business secrets and production processes. This paper discusses the key processes involved in SECS/GEM communications and how potential attackers can manipulate these processes to obtain illegal or unauthorized access. The experiments' results indicate that the SECS/GEM processes are entirely vulnerable to numerous attacks, including DoS attack, Replay attack, and False-Data-Injection-Attack. Thus, the future direction involves developing a prevention mechanism that aims at securing the SECS/GEM processes in the industrial network. This study's findings are useful as preliminary guidance for the infrastructure owners to plan for appropriate security measures to protect the industrial network.

show abstract

Section: Experiments and Resultsmentioning

confidence: 99%

Cyberattacks and Vociferous Implications on SECS/GEM Communications in Industry 4.0 Ecosystem

Laghari¹,

Manickam²,

Karuppayah³

et al. 2021

IJACSA

Self Cite

View full text Add to dashboard Cite

show abstract

“…The SDN controller is responsible for forwarding processing rules of the flows in the network by installing flow entries onto the OpenFlow-enabled switches [37]. The OpenFlow specification permits network switches to operate in proactive or reactive mode.…”

Section: Openflow Forwarding Processmentioning

confidence: 99%

A Systematic Literature Review on Machine Learning and Deep Learning Approaches for Detecting DDoS Attacks in Software-Defined Networking

Bahashwan

Anbar

Manickam

et al. 2023

Sensors

Self Cite

View full text Add to dashboard Cite

Software-defined networking (SDN) is a revolutionary innovation in network technology with many desirable features, including flexibility and manageability. Despite those advantages, SDN is vulnerable to distributed denial of service (DDoS), which constitutes a significant threat due to its impact on the SDN network. Despite many security approaches to detect DDoS attacks, it remains an open research challenge. Therefore, this study presents a systematic literature review (SLR) to systematically investigate and critically analyze the existing DDoS attack approaches based on machine learning (ML), deep learning (DL), or hybrid approaches published between 2014 and 2022. We followed a predefined SLR protocol in two stages on eight online databases to comprehensively cover relevant studies. The two stages involve automatic and manual searching, resulting in 70 studies being identified as definitive primary studies. The trend indicates that the number of studies on SDN DDoS attacks has increased dramatically in the last few years. The analysis showed that the existing detection approaches primarily utilize ensemble, hybrid, and single ML-DL. Private synthetic datasets, followed by unrealistic datasets, are the most frequently used to evaluate those approaches. In addition, the review argues that the limited literature studies demand additional focus on resolving the remaining challenges and open issues stated in this SLR.

show abstract

“…Therefore, this is also an indication that the three popular routers were prone to extension header vulnerabilities [21] up to now and the network administrator needs to address these vulnerabilities [22] and fix them before these malformed packets reach their targeted destinations [23]. Security features mitigating this kind of adversary must be implemented during the deployment of IPv6 network [24], [25].…”

Section: Routing Header 0 (Rh0) Attackmentioning

confidence: 99%

Denial of service attack: an analysis to IPv6 extension headers security nightmares

Naagas

Gamilla

2022

IJECE

View full text Add to dashboard Cite

Dealing with scarcity issues of Internet protocol version 4 (IPv4), internet engineering task force (IETF) developed Internet protocol version 6 (IPv6) to support the needs of IP addresses for future use of the internet, however, one challenge that must be faced while transitioning to IPv6 is in the area of security. IPv6 is a new protocol that has many new probabilities for attackers to exploit the protocol stack and one of them is through IPv6 extension headers. Mishandling of extension headers are the security nightmares for network administrators, allowing for new security threats that will cause denial of service (DoS). As a result, the mishandling of IPv6 extension Headers creates new attack vectors that could lead to DoS–which can be exploited for different purposes, such as creating covert channels, fragmentation attacks, and routing header 0 attacks. Furthermore, this paper becomes proof of concepts that even to this day our well-known network devices are still exploitable by these attack vectors.

show abstract

Mechanism to prevent the abuse of IPv6 fragmentation in OpenFlow networks

Cited by 6 publications

References 21 publications

Cyberattacks and Vociferous Implications on SECS/GEM Communications in Industry 4.0 Ecosystem

Cyberattacks and Vociferous Implications on SECS/GEM Communications in Industry 4.0 Ecosystem

A Systematic Literature Review on Machine Learning and Deep Learning Approaches for Detecting DDoS Attacks in Software-Defined Networking

Denial of service attack: an analysis to IPv6 extension headers security nightmares

Contact Info

Product

Resources

About