Covert channel in IPv6 Destination option Extension header

Author

Mavani, Monali ; Ragha, Lata

Author_Institution

MCA Dept., SIES Coll. of Manage. Studies, Navi Mumbai, India

fYear

2014

fDate

4-5 April 2014

Firstpage

219

Lastpage

224

Abstract

IPv6 is next generation Internet protocol whose market is going to increase as IPv4 addresses are exhausted and more mobile devices are attached to Internet. The experience with IPv6 protocol is less as its deployment is slow. So there are many unknown threats possible in IPv6 networks. One such threat addressed in this paper is covert communication in the network. Covert channel is way of communicating classified information. In network it is done by network protocol´s control fields. Destination option Extension header of IPv6 is used to pass secret information which is shown experimentally in real test network set up. For creation of attack packets Scapy-Python based API is used. Covert channel due to unknown option and nonzero padding in PadN option is shown. Their detection is also proposed and detector logic is implemented using shell scripting and C programming.

Keywords

IP networks; application program interfaces; computer network security; protocols; C programming; IPv4 addresses; IPv6 destination option extension header; IPv6 networks; PadN option; Scapy-Python based API attack packets; covert channel; covert communication; detector logic; extension header; mobile devices; network protocol control fields; next generation Internet protocol; nonzero padding; shell scripting; test network set up; Detectors; IP networks; Information technology; Internet; Operating systems; Protocols; Security; Extension Header; IPv6; Scapy; covert channel;

fLanguage

English

Publisher

ieee

Conference_Titel

Circuits, Systems, Communication and Information Technology Applications (CSCITA), 2014 International Conference on

Conference_Location

Mumbai

Type

conf

DOI

10.1109/CSCITA.2014.6839262

Filename

6839262