| Along with the prosperity of the Internet, Internet users are also persecuted by varies of network attacks. As the Internet technology evolves and its coverage increases rapidly, the attacking methods have become more and more diverse and complicated; and the one most affective and most difficult to defend is DoS attack. DoS attacks usually aim at well-known servers or even an entire network. A few of significant service providers have endured loss from these attacks. In many of the aforementioned attacks, the attacker often fakes his source address, so as to achieve his goal or to escape from being traced. This practice, called IP address spoofing, causes great difficulties for the victim to organize his defense and to trace the attack source.After the proposal and the standardization of the next generation IP protocol, namely IPv6, IPv6 networks have taken their steps to gradually replace IPv4 ones. However, the design principles have not been changed, including those for the node identity. As a result, address spoofing cannot yet be effectively constrained. Worse still, because of IPv6's enlarged address space and more flexible functions such as MIPv6, address spoofing is now even more difficult to defend against.In this thesis, we demonstrate the threads caused by address spoofing in IPv6 networks, as well as the difficulties to perform defense against it. We place an emphasis on the "address ownership problem" in the authentication to IPv6 nodes. Furthermore, through the analysis on the IPv6 default security protocol, IPsec, and the IKE key exchange protocol, we try to explain the difficulties of applying traditional authentication schemes to this problem. To address this problem, many useful solutions are proposed, including cryptographically generated address and the security neighbor discovery protocol, as well as address-based keys and other related authentication schemes. Each of these schemes solves part of the problem in its particular fields, but because of the lack of practical address authorized mechanism, they either leave part of the problem unsolved, or rely on strong prerequisites.The disadvantages of pure software solutions force people to move their focus unto the hardware area. TCG proposes standardizes the TPM. TPM is a secure chip attached to a platform which has individual computing ability. Its trustworthiness is enforced by an internal ID and protected memory. After analyzing TPM's concepts and functions, we propose a TPM-based IPv6 network security framework. We use it as a root of trust and use its DAA function as a means for authorization. Our framework adds authorization to IPv6 address generation mechanism, and makes edge routers authorizers off addresses for hosts with TPM. When used to access remote servers, these authorized addresses can be verified for validness. Furthermore, a server can use TPM's remote measurement function to examine the integrity of a host. Moreover, every address is authorized with a valid lifetime and the corresponding deprecated means.This framework provides a practical mechanism for host with TPM in an IPv6 network. Meanwhile, it also provides limited access capability for hosts without TPM. It is a practical means against IPv6 address spoofing without a whole-network authorization centre. |
PDF Full Text Request