• DocumentCode
    3097651
  • Title

    Analysis and improvement of IKEv2 against denial of service attack

  • Author

    Xiaowei, Zhu ; Haigang Zhou ; Jun, Liu

  • Author_Institution
    Inst. of Commun. Eng., PLA Univ. of Sci. & Technol., Nanjing, China
  • Volume
    1
  • fYear
    2010
  • fDate
    18-19 Oct. 2010
  • Abstract
    IKEv2 is the new version of Internet Key Exchange protocol. Despite of its several advantages, it is still vulnerable to denial of service attack. In this paper, we propose an improvement of IKEv2, which is based on the shared secret and asymmetric distribution of calculations. By analyzing the improved IKEv2 with a cost-based framework, we conclude that the improvement is secure against DoS attack. Furthermore, associated with cookie mechanism, the improvement can prevent flooding attack from spoofed IP addresses. And the improvement can also achieve the identity authentication in advance, resist man-in-the-middle attack and replay attack.
  • Keywords
    IP networks; Internet; computer network security; message authentication; protocols; IKEv2; asymmetric distribution; cookie mechanism; denial of service attack; identity authentication; internet key exchange protocol; man-in-the-middle attack; replay attack; shared secret; spoofed IP address; Cryptography; DoS attack; IKEv2; cost; man-in-the-middle attack; replay attack;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Information Networking and Automation (ICINA), 2010 International Conference on
  • Conference_Location
    Kunming
  • Print_ISBN
    978-1-4244-8104-0
  • Electronic_ISBN
    978-1-4244-8106-4
  • Type

    conf

  • DOI
    10.1109/ICINA.2010.5636375
  • Filename
    5636375
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3097651