Crosby-Signed Thesis - Alliance Digital Repository

More documents

Recommendations

Info

IMPACT OF IPV6 TRANSITION MECHANISMS ON THE NETWORK FORENSIC 3 While the new protocol has quietly penetrated the network environment, the academic and business communities have neglected research and development in this area. Despite consumer device support, network security vendors have been slow to support IPv6 in their products because low utilization rates make it difficult to realize a return on investment. Researchers have addressed general security in IPv6; however, they have neglected a technical discussion of the context and nature of the traffic. Attackers will exploit attack vectors that offer the greatest chance of success with the least chance of being discovered. The IPv6 protocol is available and can covertly traverse the network which opens up an opportunity that will lead to growth in IPv6 based attacks. Research Objective The primary objective of this study was to develop a practical methodology for investigating and analyzing transitional networks. To accomplish this goal, the study employed a qualitative method based on the active research methodology to evaluate the IPv6 transition mechanisms, operating systems, and attack vectors. First, the literature review enumerated current research in digital forensics, IPv6 transition mechanisms, operating system support, and IPv6 vulnerabilities. Second, a virtual lab environment was created and testing procedures were designed to answer the research sub-problems. Third, the procedures were implemented while the researcher recorded operating system states, tool output, and other observations. Finally, the discoveries and results were analyzed and distilled into three outputs that supported the proposed investigative methodology. First, the implications of IPv6 transition mechanisms on the digital forensics discipline were outlined. Second, a summary of the behaviors of each transition mechanism and operating system in the study was presented from the perspective of a forensic
IMPACT OF IPV6 TRANSITION MECHANISMS ON THE NETWORK FORENSIC 4 investigator or investigator. Finally, a methodology was proposed for the forensic analysis of IPv6 traffic in a transitional network. Delimitations and Limitations This study did not address networks where the IPv6 protocol was a planned part of the infrastructure. Organizations that plan and implement IPv6 would likely implement security controls and have an enhanced understanding of the context of traffic within the network. Therefore, the study did not address hardware transition mechanisms and IPv6 hardware nodes that required a planned implementation. This study also did not serve as an analysis of IPv6 attacks or highlight new methods of exploiting IPv6 clients. In order for an investigator or analyst to identify suspicious or malicious traffic, they must first understand the context of normal traffic within the network. The study analyzed selected attacks to provide a better understanding of potential malicious packets; however, the focus of the study was on providing a basis for identifying unknown or suspicious traffic for further analysis. Additionally, this study was not an analysis of tools used in forensic analysis or the performance factors involved with network monitoring. Network monitoring tools provide common functions such as protocol analysis, packet captures and injections. Tools were selected for use in the study; however, the focus was on the context of the packets. Time and resource limitations controlled the scope of the study by limiting the transition mechanisms and source nodes that were analyzed. The study focused on the most common nodes and transition mechanisms that were freely available for use in the testing environment.
Page 1 and 2: Regis University College for Profes
Page 3 and 4: IMPACT OF IPV6 TRANSITION MECHANISM
Page 15: IMPACT OF IPV6 TRANSITION MECHANISM
Page 67 and 68:
IMPACT OF IPV6 TRANSITION MECHANISM
Page 69 and 70:
Page 71 and 72:
Page 73 and 74:
Page 75 and 76:
Page 77 and 78:
Page 79 and 80:
Page 81 and 82:
Page 83 and 84:
Page 85 and 86:
Page 87 and 88:
Page 89 and 90:
Page 91 and 92:
Page 93 and 94:
Page 95 and 96:
Page 97 and 98:
Page 99 and 100:
Page 101 and 102:
Page 103 and 104:
Page 105 and 106:
Page 107 and 108:
Page 109 and 110:
Page 111 and 112:
Page 113 and 114:
Page 115 and 116:
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
Page 123 and 124:
Page 125 and 126:
Page 127 and 128:
Page 129 and 130:
Page 131 and 132:
Page 133 and 134:
Page 135 and 136:
Page 137 and 138:
Page 139 and 140:
Page 141 and 142:
Page 143 and 144:
Page 145 and 146:
Page 147 and 148:
Page 149 and 150:
Page 151 and 152:
Page 153 and 154:
Page 155 and 156:
Page 157 and 158:
Page 159 and 160:
Page 161 and 162:
Page 163 and 164:
Page 165 and 166:
Page 167 and 168:
Page 169 and 170:
Page 171 and 172:
Page 173 and 174:
Page 175 and 176:
Page 177 and 178:
Page 179 and 180:
Page 181 and 182:
Page 183 and 184:
Page 185 and 186:
Page 187 and 188:
Page 189 and 190:
Page 191 and 192:
Page 193 and 194:
Page 195 and 196:
Page 197 and 198:
Page 199 and 200:
Page 201 and 202:
Page 203 and 204:
Page 205 and 206:
Page 207 and 208:
Page 209 and 210:
Page 211 and 212:
Page 213 and 214:
Page 215 and 216:
Page 217 and 218:
Page 219 and 220:
Page 221 and 222:
Page 223 and 224:
Page 225 and 226:
Page 227 and 228:
Page 229 and 230:
Page 231 and 232:
Page 233 and 234:
Page 235 and 236:
Page 237 and 238:
Page 239 and 240:
Page 241 and 242:
Page 243 and 244:
Page 245 and 246:
Page 247 and 248:
Page 249 and 250:
Page 251 and 252:
Page 253 and 254:
Page 255 and 256:
show all

Crosby-Signed Thesis - Alliance Digital Repository

Create successful ePaper yourself

Delete template?

Save as template?