Project Details

Návrh systému pro testování zabezpečení sítě IPv6 a zpracování incidentů v prostoru privátních adres

Project Period: 1. 6. 2015 – 30. 6. 2016

Project Type: contract

Partner: CESNET

English title
Design of a system for testing security in IPv6 networks and processing incidents containing private addresses
Type
contract
Keywords

IPv6, security, NetFlow, NAT

Abstract

IPv6 protocol is deployed in most cases together with network address translation technique (NAT). The combination of IPv6 deployment and NAT introduces several issues for network administrators. Firstly, the network administrator must ensure the same level of security both for IPv6 and IPv4 networks. Secondly, NAT raises an issue with trackig security incidents because it is necessary to correctly bind global and private IPv4 addresses. The project aims to solve these issues. Active networking probe will be developed to test the protection of IPv6 network against known vulnerabilities. Information about binding between global and private IPv4 addresses will be solved by developing a plugin for current NetFlow probes. The plugin will export all necessary information about network translation thus allowing network administrator to trace back a security incident. The outcomes of the project will help to test the security of IPv6 network and provides all information to easily trace back a security incident even in network with private IPv4 addresses.

Team members
Grégr Matěj, Ing., Ph.D. (DIFS) – research leader
Korček Pavol, Ing., Ph.D. (DCSY)
Publications

2015

Back to top