||Detecting the Auto-configuration Attacks on IPv4 and IPv6 Networks
102015-03-24 , 法政大学大学院情報科学研究科
Auto-configuration is a mechanism, which assigns IP address, default gateway address and DNS server address to a node for accessing to the network. On IPv4 network, auto-configuration is done by using DHCP protocol, but IPv6 network has two ways to assign auto-configuration information to a node, which are stateless address configuration by routers and stateful address configuration by DHCPv6 servers. On the auto-configuration phrase, some attackers may be able to inject a counterfeit information, which may cause DOS, DNS hijacking, and man-in-the-middle attack, to the client. In this paper, we propose a method to detect DHCP attack and man-in-the-middle attack both on IPv4 and IPv6 network by collecting and analyzing the auto-configuration phrase. This approach is also able to detect the location of attacker in the network, and also works for both of IPv4 network and IPv6 network.