The Community for Technology Leaders
RSS Icon
Issue No.04 - July-Aug. (2012 vol.10)
pp: 35-43
Matthew Dunlop , Virginia Tech
Stephen Groat , Virginia Tech
William Urbanski , Dell SecureWorks
Randy Marchany , Virginia Tech
Joseph Tront , Virginia Tech
Most networks today employ static network defenses. The problem with static defenses is that adversaries have unlimited time to circumvent them. This article proposes a moving-target defense based on the Internet Protocol version 6 (IPv6) that dynamically obscures network-layer and transport-layer addresses. This technique can be thought of as "frequency hopping" in the Internet Protocol space. By constantly moving the logical location of a host on a network, this technique prevents targeted attacks, host tracking, and eavesdropping. The authors demonstrate the design's feasibility and functionality using prototypes deployed on Virginia Tech's campuswide IPv6 network.
Logic gates, Privacy, Protocols, Receivers, Cryptography, IP networks, Target detection, privacy, moving-target defense, IPv6, security
Matthew Dunlop, Stephen Groat, William Urbanski, Randy Marchany, Joseph Tront, "The Blind Man's Bluff Approach to Security Using IPv6", IEEE Security & Privacy, vol.10, no. 4, pp. 35-43, July-Aug. 2012, doi:10.1109/MSP.2012.28
1. T. Narten, R. Draves, and S. Krishnan, “Privacy Extensions for Stateless Address Autoconfiguration in IPv6,” RFC 4941, Internet Eng. Task Force, Sept. 2007.
2. R. Hinden and S. Deering, “IP Version 6 Addressing Architecture,” RFC 4291, Internet Eng. Task Force, Feb. 2006.
3. T. Narten et al., “Neighbor Discovery for IP version 6 (IPv6),” RFC 4861, Internet Eng. Task Force, Sept. 2007.
4. S. Thomson, T. Narten, and T. Jinmei, “IPv6 Stateless Address Autoconfiguration,” RFC 4862, Internet Eng. Task Force, Sept. 2007.
5. S. Deering and R. Hinden, “Internet Protocol, Version 6 (IPv6) Specification,” RFC 2460, Internet Eng. Task Force, Dec. 1998.
36 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool