6th European Conference - Academic Conferences
6th European Conference - Academic Conferences
6th European Conference - Academic Conferences
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Stephen Groat et al.<br />
changing addresses multiple times within a session prevents the attacker from capturing enough<br />
network traffic to correlate the nature of a communication between two hosts.<br />
Our particular approach leverages IPv6. As eluded to in Section 4.1, current methods for locating a<br />
target address in an IPv6 subnet are infeasible in a reasonable amount of time. The immense IPv6<br />
address space will also likely be sparsely populated. As discussed in Section 4.3, locating any host in<br />
a sparsely populated address space is probabilistically difficult. In addition to the difficulty of locating<br />
hosts in a sparsely populated subnet, hosts using a dynamic addressing scheme can reasonably<br />
expect not to collide with occupied addresses when rotating their addresses. In order to achieve a<br />
reasonable dynamic addressing algorithm in IPv4, hosts would have to draw from a pool of unused<br />
addresses. Reserving pools of addresses are more difficult with the depletion of the IPv4 address<br />
space (NRO 2010). Additionally, an IPv4 pool of addresses, regardless of how large, would be almost<br />
trivial for an attacker to scan. To achieve a sufficiently randomized dynamic addressing algorithm, we<br />
plan to repeatedly use a cryptographic hash function to obscure the 64-bit interface identifier that<br />
makes up the subnet portion of an IPv6 address. By using a cryptographic hash function, malicious<br />
hosts cannot feasibly predict the dynamic address (Schneier 1996). Since hosts in IPv6 can generate<br />
and advertise their own addresses (Thomson, Narten & Jinmei 2007), obscuration is kept local.<br />
Localizing obscuration reduces the possibility of a malicious host performing any type of address<br />
hijacking or man-in-the-middle attack. It also reduced the computational overhead that address<br />
generation servers would incur.<br />
9. Conclusion<br />
As users exchange more personally identifiable information over the Internet, it is increasingly<br />
important to protect users’ security and privacy. One of the best ways to accomplish this is through<br />
the use of a moving target defense. At the network layer, this can be achieved by dynamically<br />
changing host IP addresses. Frequently changing addresses are probabilistically more difficult to<br />
detect than static addresses. Dynamic addresses also provide an additional layer of security for hosts<br />
that are detected by an attacker. An attacker is unable to compromise hosts for a significant period of<br />
time since the hosts’ network address changes. Dynamically changing addresses provide security and<br />
privacy by creating a moving target solution implementable as low as the network layer of the protocol<br />
stack.<br />
References<br />
Bagnulo, M., & Arkko, J. October 2006. Cryptographically Generated Addresses (CGA) Extension Field Format.<br />
RFC 4581 (Proposed Standard).<br />
Dunlop, M., Groat, S., Marchany, R., & Tront, J., 23-28 January 2011. ‘IPv6: Now You See Me, Now You Don't’,<br />
Proceedings of the Tenth International <strong>Conference</strong> on Networks (ICN 2011), St. Maarten, The Netherlands<br />
Antilles.<br />
Fink, R. A., Brannigan, M. A., Evans, S. A., Almeida, A. M., & Ferguson, S. A. 9 May 2006. Method and<br />
Apparatus for Providing Adaptive Self-Synchronized Dynamic Address Translation, United States Patent<br />
No. US 7,043,633 B1.<br />
GLORIAD. 2010. GLORIAD Average Round Trip Time - Last Week. [Online] Available<br />
http://www.gloriad.org/gloriad/monitor/stats/avg_round_trip_time.week.html. [11 October, 2010].<br />
Johnson, P. C., Kapadia, A., Tsang, P. P., & Smith, S. W. 2007. ‘Nymble: Anonymous IP-Address Blocking’,<br />
Privacy Enhancing Technologies Symposium (PET '07), Ottawa, Canada, pp.113-133.<br />
Koukis, D., Antonatos, S., & Anagnostakis, K. 2006. On the Privacy Risks of Publishing Anonymized IP Network<br />
Traces. Communications and Multimedia Security, 4237: 22-32.<br />
Narten T., Draves, R., & Krishnan, S. September 2007. Privacy Extensions for Stateless Address<br />
Autoconfiguration in IPv6. RFC 4941 (Draft Standard).<br />
NRO. 2010. Remaining IPv4 address space drops below 5%. [Online] Available http://www.nro.net/<br />
media/remaining-ipv4-address-below-5.html, [7 November, 2010].<br />
Reiter, M., & Rubin, A. ‘Anonymous Web Transactions with Crowds’, Communications of the ACM, vol. 42, no. 2,<br />
pp. 32-48.<br />
Schneier, B. 1996. Applied Cryptography: Protocols, Algorithms, and Source Code in C. (2 nd Edition. New York:<br />
Wiley.<br />
Sheymov, V. I. 18 February, 2010. Method and Communications and Communication Network Intrusion<br />
Protection Methods and Intrusion Attempt Detection System, United States Patent No. US 2010/0042513<br />
A1.<br />
Shields, C., & Levine, B. N. 2000. ‘A protocol for anonymous communication over the Internet’, Proceedings of<br />
the 7th ACM conference on Computer and communications security, Athens, Greece, pp. 33-42.<br />
Thomson, S., Narten T., & Jinmei, T. September 2007. IPv6 Stateless Address Autoconfiguration. RFC 4862<br />
(Draft Standard).<br />
91