The STRIDE Towards IPv6: A Comprehensive Threat Model for IPv6 Transition Technologies

M. Georgescu, H. Hazeyama, T. Okuda, Y. Kadobayashi, S. Yamaguchi

2016

Abstract

The IPv6 worldwide deployment rate is still a single figure. This is due to the many challenges introduced by the transition period through which both IPv4 and IPv6 will need to coexist. One of the biggest concerns related to the IPv6 transition is security, which is more difficult to ensure in a heterogeneous environment. To clarify the security threats introduced by IPv6 transition technologies, this article proposes a comprehensive threat model built around the established STRIDE approach. To verify the usefulness of the proposed model, a threat analysis of four generic categories of IPv6 transition technologies is performed. Existing and new threats are documented, classified and prioritized. To further validate some of the documented threats, preliminary penetration test data is presented.

References

  1. Abad, C. L., Bonilla, R., et al. (2007). An analysis on the schemes for detecting and preventing arp cache poisoning attacks. In Distributed Computing Systems Workshops, 2007. ICDCSW'07. 27th International Conference on, pages 60-60. IEEE.
  2. Anderson, T. (2015). SIIT-DC: Stateless IP/ICMP Translation for IPv6 Data Centre Environments. draft-ietfv6ops-siit-dc-01.
  3. APNIC (2015). IPv6 measurements for The World.
  4. Arkko, J., Kempf, J., Zill, B., and Nikander, P. (2005). SEcure Neighbor Discovery (SEND). RFC 3971 (Proposed Standard). Updated by RFCs 6494, 6495.
  5. Asama, M. (2014). MAP supported Vyatta [Online]. Available: http://enog.jp/~masakazu/vyatta/map/.
  6. Atkinson, R. and Fanto, M. (2007). RIPv2 Cryptographic Authentication. RFC 4822 (Proposed Standard).
  7. Bagnulo, M., Matthews, P., and van Beijnum, I. (2011). Stateful NAT64: Network Address and Protocol Translation from IPv6 Clients to IPv4 Servers. RFC 6146 (Proposed Standard).
  8. Baker, F., Li, X., Bao, C., and Yin, K. (2011). Framework for IPv4/IPv6 Translation. RFC 6144 (Informational).
  9. Bao, C., Huitema, C., Bagnulo, M., Boucadair, M., and Li, X. (2010). IPv6 Addressing of IPv4/IPv6 Translators. RFC 6052 (Proposed Standard).
  10. Bao, C., Li, X., Zhai, Y., and Shang, W. (2014). dIVI: DualStateless IPv4/IPv6 Translation. draft-xli-behavedivi-06.
  11. Bellovin, S. M. (1989). Security problems in the tcp/ip protocol suite. SIGCOMM Comput. Commun. Rev., 19(2):32-48.
  12. Conta, A. and Gupta, M. (2006). Internet control message protocol (icmpv6) for the internet protocol version 6 (ipv6) specification. RFC 4443 (Proposed standard).
  13. Convery, S. and Miller, D. (2004). Ipv6 and ipv4 threat comparison and best-practice evaluation.
  14. Davies, E., Krishnan, S., and Savola, P. (2007). IPv6 Transition/Co-existence Security Considerations. RFC 4942 (Informational).
  15. Durand, A., Droms, R., Woodyatt, J., and Lee, Y. (2011). Dual-Stack Lite Broadband Deployments Following IPv4 Exhaustion. RFC 6333 (Proposed Standard).
  16. Garg, A. and Reddy, A. N. (2004). tacks through qos regulation. Microsystems, 28(10):521-530.
  17. Gervais, A. (2012). Security analysis of industrial control systems. Aalto University-KTH Stockholm, Jun, 29.
  18. Gont, F. (2011). Security assessment of the internet protocol version 4. RFC 6274 (Informational).
  19. Gupta, M. and Melam, N. (2006). Authentication/Confidentiality for OSPFv3. RFC 4552 (Proposed Standard).
  20. Harris, B. and Hunt, R. (1999). Tcp/ip security threats and attack methods. Computer Communications, 22(10):885-897.
  21. Hernan, S., Lambert, S., Ostwald, T., and Shostack, A. (2006). Threat modeling-uncover security design flaws using the stride approach. MSDN MagazineLouisville, pages 68-75.
  22. Huston, G. (2015). IPv4 Address Report.
  23. ITU-T (2013). ITU-T Rec. X.1037 (10/2013) IPv6 technical security guidelines. Recommendation X.1037.
  24. Khallouf, Z., Roca, V., Moignard, R., and Loye, S. (2005). A Filtering Approach for an IGMP Flooding Resilient Infrastrcuture. 4th Conference on Security and Network Architectures(SAR'05), Batz sur Mer, France.
  25. Li, X., Bao, C., and Baker, F. (2011a). IP/ICMP Translation Algorithm. RFC 6145 (Proposed Standard). Updated by RFC 6791.
  26. Li, X., Bao, C., Chen, M., Zhang, H., and Wu, J. (2011b). The China Education and Research Network (CERNET) IVI Translation Design and Deployment for the IPv4/IPv6 Coexistence and Transition. RFC 6219 (Informational).
  27. Li, X., Bao, C., Dec, W., Troan, O., , Matsushima, S., Murakami, T., and Taylor, T. (2015). Mapping of Address and Port using Translation (MAP-T). RFC 7599 (Proposed Standard).
  28. Low, C. (2001). Icmp attacks illustrated. SANS Institute URL: http://rr. sans. org/threats/ICMP attacks. php (12/11/2001).
  29. Matsuhira, N. (2015). SA46T Address Translator. draftmatsuhira-sa46t-at-05.
  30. Mawatari, M., Kawashima, M., and Byrne, C. (2013). 464XLAT: Combination of Stateful and Stateless Translation. RFC 6877.
  31. McRee, R. (2009). IT Infrastructure Threat Modeling Guide. Microsoft Technet.
  32. Moy, J. (1998). OSPF Version 2. RFC 2328 (INTERNET STANDARD). Updated by RFCs 5709, 6549, 6845, 6860.
  33. Nikander, P., Kempf, J., and Nordmark, E. (2004). IPv6 Neighbor Discovery (ND) Trust Models and Threats. RFC 3756 (Informational).
  34. Nordmark, E. and Gilligan, R. (2005). Basic Transition Mechanisms for IPv6 Hosts and Routers. RFC 4213 (Proposed Standard).
  35. NRO (2014). Free Pool of IPv4 Address Space Depleted [Online]. Available: http://www.nro.net/news/ipv4- free-pool-depleted.
  36. OWASP (2015). Application Threat Modeling. OWASP Foundation.
  37. Pilihanto, A. (2011). A complete guide on ipv6 attack and defense. Sans. org [online].
  38. Rouiller, S. A. (2003). Virtual lan security: weaknesses and countermeasures. available at uploads. askapache. com/2006/12/vlan-security-3. pdf.
  39. Troan, O., Dec, W., Li, X., Bao, C., Matsushima, S., Murakami, T., and Taylor, T. (2015). Mapping of Address and Port with Encapsulation (MAP-E). RFC 7597 (Proposed Standard).
  40. Tsou, T., Cui, Y., Boucadair, M., Farrer, I., and Lee, Y. (2015). Lightweight 4over6: An Extension to the Dual-Stack Lite Architecture. RFC 7596 (Proposed Standard). RIPv2-MG-2015-1 RIPv2 simple password authentication
  41. (Atkinson and Fanto, 2007) issues RIPv2-MG-2015-2
  42. (Atkinson and Fanto, 2007) RIPv2 Security Association expiration RIPv2-MG-2015-3
  43. (Atkinson and Fanto, 2007) RIPv2 Security Association OSPFv2-MG-2015-1 (Moy, 1998) OSPFv2-MG-2015-2 OSPFv2 cryptographic authentication (Moy, 1998) sequence number prediction
  44. OSPFv3-MG-2015-1
  45. (Gupta and Melam, 2006) OSPFv3 using the same manual key Legend associaced with High likelihood associaced with Low likelihood
  46. IP/ICMP-MG-2015-1 IPv4 address spoofing with
  47. (Bao et al., 2010) IPv4-embedded IPv6
  48. IP/ICMP-MG-2015-2 transport mode ESP will fail with (Li et al., 2011a) IPv6-to-IPv4 translation
  49. IP/ICMP-MG-2015-3 Authentication Headers cannot be used (Li et al., 2011a) across an IPv6-to-IPv4
  50. IP/ICMP-MG-2015-4 Stateful translators can run out (Li et al., 2011a) of resources
  51. 4encaps-MG-2015-1 Tunneling IPv6 through IPv4 networks
  52. (Davies et al., 2007) could break IPv4 Network's security assumptions
Download


Paper Citation


in Harvard Style

Georgescu M., Hazeyama H., Okuda T., Kadobayashi Y. and Yamaguchi S. (2016). The STRIDE Towards IPv6: A Comprehensive Threat Model for IPv6 Transition Technologies . In Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-167-0, pages 243-254. DOI: 10.5220/0005652402430254


in Bibtex Style

@conference{icissp16,
author={M. Georgescu and H. Hazeyama and T. Okuda and Y. Kadobayashi and S. Yamaguchi},
title={The STRIDE Towards IPv6: A Comprehensive Threat Model for IPv6 Transition Technologies},
booktitle={Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2016},
pages={243-254},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005652402430254},
isbn={978-989-758-167-0},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - The STRIDE Towards IPv6: A Comprehensive Threat Model for IPv6 Transition Technologies
SN - 978-989-758-167-0
AU - Georgescu M.
AU - Hazeyama H.
AU - Okuda T.
AU - Kadobayashi Y.
AU - Yamaguchi S.
PY - 2016
SP - 243
EP - 254
DO - 10.5220/0005652402430254