Method and system for preventing IPv6 (Internet Protocol Version 6) from duplicate address detection attack

A technology of address duplication detection and duplication detection, which is applied in the field of data communication, can solve problems such as malfunctioning and network attacks, and achieve the effect of easy expansion and transplantation

Active Publication Date: 2011-06-01
ZTE CORP
View PDF3 Cites 22 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Network attacks are mainly aimed at the latter two situations, that is, after receiving the NS message detected by the network node device DAD, the attacking device constructs an NA message or NS message for the address and replies back, making the network device mistakenly believe that The address configured by yourself is unavailable, so it cannot work normally, causing network attacks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for preventing IPv6 (Internet Protocol Version 6) from duplicate address detection attack
  • Method and system for preventing IPv6 (Internet Protocol Version 6) from duplicate address detection attack
  • Method and system for preventing IPv6 (Internet Protocol Version 6) from duplicate address detection attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0034] In order to make the technical problems, technical solutions and beneficial effects to be solved by the present invention clearer and clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0035] The present invention provides an embodiment of a method for preventing IPv6 address duplication detection attacks, such as figure 2 Shown is the flowchart of this embodiment, and the method includes,

[0036] S201, configure defense commands under the user operation interface;

[0037] In protection mode, enter ipv6 protect dad to run IPv6 protection DAD, and enable protection when the command takes effect;

[0038] S202, the internal protection of the protocol stack, after receiving the NA / NS response message for DAD detection, designate the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a method for preventing IPv6 (Internet Protocol Version 6) from duplicate address detection attack, which comprises the following steps: node equipment sends a neighbor solicitation (NS) message of duplicate address detection, appoints the source address of a received neighbor advertisement (NA) / NS message as the target address of the message after receiving the NA / NS message responding to duplicate address detection, sends an NS unicast reachability probe message and judges whether the response message is received; and if so, the node equipment ensures the configured IPv6 address to be in the duplicate state, otherwise, the node equipment ensures the configured IPv6 address to be in the available state. The invention also provides a system for preventing IPv6 from duplicate address detection attack. By applying the method and the system, the duplicate detection attack can be coped with and the network equipment can be protected.

Description

technical field [0001] The invention relates to the field of data communication, in particular to a method and system for preventing repeated detection attacks of IPv6 addresses. Background technique [0002] With the depletion of IPv4 addresses, the deployment of a large number of IPv6 networks is gradually put on the agenda, and its security issues are also gradually raised. Although it is generally believed that IPv6 is more secure than IPv4 because of IPsec, in actual deployment, due to insufficient technical capabilities or insufficient security infrastructure, IPv6 networks often do not take any security measures. Moreover, the basic mechanism of IPv6 network transmission is the same as that of IPv4, so IPv6 network is not more secure than IPv4 network. [0003] The security of IPv6 networks is generally divided into four categories: loopholes and deficiencies in implementation and deployment, non-IP layer attacks, security vulnerabilities during the transition period...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12H04L12/56
CPCH04L29/12009H04L61/2092H04L63/1441H04L61/6059H04L61/5092H04L2101/659
Inventor 李洪涛金飞蔡
Owner ZTE CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap