Hubballi et al., 2017 - Google Patents
A closer look into DHCP starvation attack in wireless networksHubballi et al., 2017
View PDF- Document ID
- 17935108902130022785
- Author
- Hubballi N
- Tripathi N
- Publication year
- Publication venue
- Computers & Security
External Links
Snippet
Abstract Dynamic Host Configuration Protocol (DHCP) is used by clients in a network to configure their interface with IP address and other network configuration parameters such as Default Gateway and DNS server IP addresses. This protocol is vulnerable to a Denial of …
- 235000003642 hunger 0 title abstract description 155
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L29/00—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents
- H04L29/12—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents characterised by the data terminal contains provisionally no documents
- H04L29/12009—Arrangements for addressing and naming in data networks
- H04L29/12047—Directories; name-to-address mapping
- H04L29/12056—Directories; name-to-address mapping involving standard directories and standard directory access protocols
- H04L29/12066—Directories; name-to-address mapping involving standard directories and standard directory access protocols using Domain Name System [DNS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements or network protocols for addressing or naming
- H04L61/15—Directories; Name-to-address mapping
- H04L61/1505—Directories; Name-to-address mapping involving standard directories or standard directory access protocols
- H04L61/1511—Directories; Name-to-address mapping involving standard directories or standard directory access protocols using domain name system [DNS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L29/00—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents
- H04L29/12—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents characterised by the data terminal contains provisionally no documents
- H04L29/12009—Arrangements for addressing and naming in data networks
- H04L29/1233—Mapping of addresses of the same type; Address translation
- H04L29/12339—Internet Protocol [IP] address translation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L29/00—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents
- H04L29/12—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents characterised by the data terminal contains provisionally no documents
- H04L29/12009—Arrangements for addressing and naming in data networks
- H04L29/12792—Details
- H04L29/1283—Details about address types
- H04L29/12915—Internet Protocol version 6 (IPv6) addresses
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L29/00—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents
- H04L29/12—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents characterised by the data terminal contains provisionally no documents
- H04L29/12009—Arrangements for addressing and naming in data networks
- H04L29/12792—Details
- H04L29/1282—Proxying of addresses
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L29/00—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents
- H04L29/12—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents characterised by the data terminal contains provisionally no documents
- H04L29/12009—Arrangements for addressing and naming in data networks
- H04L29/12018—Mapping of addresses of different types; address resolution
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1491—Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L29/00—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents
- H04L29/12—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents characterised by the data terminal contains provisionally no documents
- H04L29/12009—Arrangements for addressing and naming in data networks
- H04L29/12207—Address allocation
- H04L29/12216—Internet Protocol [IP] addresses
- H04L29/12226—Internet Protocol [IP] addresses using the Dynamic Host Configuration Protocol [DHCP] or variants
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements or network protocols for addressing or naming
- H04L61/20—Address allocation
- H04L61/2007—Address allocation internet protocol [IP] addresses
- H04L61/2015—Address allocation internet protocol [IP] addresses using the dynamic host configuration protocol [DHCP] or variants
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements or network protocols for addressing or naming
- H04L61/25—Network arrangements or network protocols for addressing or naming mapping of addresses of the same type; address translation
- H04L61/2503—Internet protocol [IP] address translation
- H04L61/2507—Internet protocol [IP] address translation translating between special types of IP addresses
- H04L61/2517—Internet protocol [IP] address translation translating between special types of IP addresses involving port numbers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements or network protocols for addressing or naming
- H04L61/10—Mapping of addresses of different types; Address resolution
- H04L61/103—Mapping of addresses of different types; Address resolution across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Hubballi et al. | A closer look into DHCP starvation attack in wireless networks | |
| US8068414B2 (en) | Arrangement for tracking IP address usage based on authenticated link identifier | |
| Al-Ani et al. | Match-prevention technique against denial-of-service attack on address resolution and duplicate address detection processes in IPv6 link-local network | |
| Barbhuiya et al. | Detection of neighbor solicitation and advertisement spoofing in IPv6 neighbor discovery protocol | |
| Anbar et al. | Review of security vulnerabilities in the IPv6 neighbor discovery protocol | |
| Tripathi et al. | Exploiting DHCP server-side IP address conflict detection: A DHCP starvation attack | |
| Barbhuiya et al. | Detection of neighbor discovery protocol based attacks in IPv6 network | |
| EP4013004B1 (en) | Data processing method and device | |
| Rafiee et al. | SSAS: A simple secure addressing scheme for IPv6 autoconfiguration | |
| Beck et al. | Monitoring the neighbor discovery protocol | |
| US8898737B2 (en) | Authentication method for stateless address allocation in IPv6 networks | |
| Tripathi et al. | A probabilistic anomaly detection scheme to detect DHCP starvation attacks | |
| Rehman et al. | Rule-based mechanism to detect Denial of Service (DoS) attacks on Duplicate Address Detection process in IPv6 link local communication | |
| Jony et al. | An effective method to detect dhcp starvation attack using port scanning | |
| Shah et al. | Optimizing security and address configuration in IPv6 SLAAC | |
| Al-Ani et al. | NDPsec: Neighbor discovery protocol security mechanism | |
| Shah | A novel approach for securing IPv6 link local communication | |
| Pragya et al. | Optimized duplicate address detection for the prevention of denial-of-service attacks in IPv6 network | |
| Rehman et al. | Denial of service attack in IPv6 duplicate address detection process | |
| Usman et al. | Enhance neighbor discovery protocol security by using secure hash algorithm | |
| Syed et al. | Analysis of Dynamic Host Control Protocol Implementation to Assess DoS Attacks | |
| Ahmed et al. | Secure neighbor discovery (SeND): Attacks and challenges | |
| US9191361B2 (en) | Authentication method for stateless address allocation in IPV6 networks | |
| Groat et al. | Using dynamic addressing for a moving target defense | |
| Rehman et al. | Novel mechanism to prevent denial of service (DoS) attacks in IPv6 duplicate address detection process |