Abstract
Mobile IPv6 runs high risk of being attacked by IP spoofing due to the introduction of mobility and route optimization. In this paper, an authentic IP address validation scheme is proposed to protect mobile nodes in Mobile IPv6 against IP spoofing attack. The mobile nodes’ historical traffic information is leveraged to validate the authenticity of its claimed home address in the scheme. Compared with other authentication schemes, this scheme is much simpler to implement and easier to deploy based on the usage of real data, and does not require additional computational overhead. It also solves the address ownership problem and the unauthenticated binding update issue in Mobile IPv6. Real traces are used to demonstrate the applicability of the scheme in this paper. The experimental results show that only three consecutive historical packet records are required to construct a unique authentication key, which can identify forged home address efficiently.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Andersen, D., Balakrishnan, H., Feamster, N., Koponen, T., Moon, D., Shenker, S.: Accountable internet protocol(aip). In: Proceedings of ACM SIGCOMM (2008)
Arkko, J., Devarapalli, V., Dupont, F.: Using ipsec to protect mobile ipv6 signaling between mobile nodes and home agents. RFC 3776 (June 2004)
Aura, T.: Cryptographically generated addresses(cga). RFC 3972 (March 2005)
Bos, J.W., Özen, O., Hubaux, J.: Analysis and optimization of cryptographically generated addresses(cga). In: Proceedings of ISC (2009)
Elgoarany, K., Eltoweissy, M.: Security in mobile ipv6: a survey. Information Security Technical Report 12(1), 32–43 (2007)
Hu, Y., Chiu, D.-M., Lui, J.C.S.: Entropy based adaptive flow aggregation. IEEE/ACM Transactions on Networking(TON) 17(3), 115–139 (2009)
Johnson, D.B., Perkins, C., Arkko, J.: Mobility support in ipv6. RFC 3775 (June 2004)
Kivi, A.: Mobile data adoption in finland 2005-2006. In: Proceedings of the 6th Conference on Telecommunication Techno-Economics(CTTE), Helsinki, Finland (June 2007)
Li, J., Zhang, P., Sampalli, S.: Improved security mechanism for mobile ipv6. International Journal of Network Security 6(3), 291–300 (2008)
Mankin, A., Patil, B., Harkins, D., Nordmark, E., Nikander, P., Roberts, P., Narten, T.: Threat models introduced by mobile ipv6 and requirements for security in mobile ipv6. IETF draft-ietf-mipv6-scrty-reqts-02.txt (2001)
Moskowitz, R., Nikander, P.: Host identity protocol (hip) architecture. RFC 4423 (May 2006)
Nikander, P., Aura, T., Arkko, J., Montenegro, G.: Mobile ip version 6 (mipv6) route optimization security design. In: Proceedings of the IEEE Vehicular Technology Conference Fall 2003 (2003)
Ren, K., Lou, W., Zeng, K., Bao, F., Zhou, J., Deng, R.H.: Routing optimization security in mobile ipv6. Computer Networks: The International Journal of Computer and Telecommunications Networking 50(13), 2401–2419 (2006)
Riikonen, A.: Mobile internet usage - network traffic measurements. Master’s Thesis. Department of Communications and Networking, Helsinki University of Technology, Espoo (September 2009)
Song, S., Choi, H.-K., Kim, J.-Y.: A secure and light weight approach for routing optimization in mobile ipv6. EURASIP Journal on Wireless Communications and Networking (2009)
Wu, J., Bi, J., Li, X., Ren, G., Xu, K., Williams, M.: A source address validation architecture (sava) testbed and deployment experience. RFC 5210 (June 2008)
Wu, J., Ren, G., Li, X.: Source address validation: Architecture and protocol design. In: Proceedings of ICNP (2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 IFIP International Federation for Information Processing
About this paper
Cite this paper
Zhu, M., Xu, K., Li, Q. (2011). Access Path Based Source Address Validation in Mobile IPv6. In: Altman, E., Shi, W. (eds) Network and Parallel Computing. NPC 2011. Lecture Notes in Computer Science, vol 6985. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24403-2_26
Download citation
DOI: https://doi.org/10.1007/978-3-642-24403-2_26
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-24402-5
Online ISBN: 978-3-642-24403-2
eBook Packages: Computer ScienceComputer Science (R0)