Publication Details
Host Identity Detection in IPv6 Networks
Holkovič Martin, Ing. (DIFS FIT BUT)
Matoušek Petr, doc. Ing., Ph.D., M.A. (DIFS FIT BUT)
Computer network security, host identity, IPv6 monitoring, SLAAC, neighbor discovery.
It is important to keep networks secure and reliable. In order to backtrack security incidents, provide accounting for offered services etc., it is necessary to know the identity of network users. With various methods for IPv6 address assignments, IPv6 brings new challenges to user identification in LAN. This paper proposes a new approach for tracking user identity in LANs. The approach is based on network control traffic that is already present in IPv6 networks and it is passive to end devices. In contrast to current methods, the proposed approach does not bring any extensive workload to active network devices, works in networks with Multicast Listener Discovery snooping, and is able to detect that an address is no longer used. In order to make the approach reliable, we studied the behaviour of current operating systems during
IPv6 address assignments. We implemented a tool called ndtrack based on the proposed approach and tested it in real network.
@INPROCEEDINGS{FITPUB10467, author = "Libor Pol\v{c}\'{a}k and Martin Holkovi\v{c} and Petr Matou\v{s}ek", title = "Host Identity Detection in IPv6 Networks", pages = "74--89", booktitle = "E-Business and Telecommunications", journal = "Communications in Computer and Information Science", volume = 456, number = 456, year = 2014, location = "Berlin, DE", publisher = "Springer Verlag", ISBN = "978-3-662-44787-1", ISSN = "1865-0929", doi = "10.1007/978-3-662-44788-8", language = "english", url = "https://www.fit.vut.cz/research/publication/10467" }