IPv6 Security Aspects (Sommersemester 2012)
Dozent:
Prof. Dr. Christoph Meinel
(Internet-Technologien und -Systeme)
Allgemeine Information
- Semesterwochenstunden: 4
- ECTS: 6
- Benotet:
Ja
- Einschreibefrist: 1.4.2012 - 25.4.2012
- Lehrform: SP
- Belegungsart: Wahlpflichtmodul
Studiengänge, Modulgruppen & Module
- Internet & Security Technology
Beschreibung
IPv6 Security seminar is designed to understand the security implications of the IPv6 protocol, including issues related to the new features of IPv6 and the transition mechanisms in use during the migration from IPv4 to IPv6. It covers the basics of IPv6 security threats and attacks and provides the essential needs for IPv6 network vulnerability assessments, finds and eliminates IPv6 security threats, implements security processes to protect IPv6 network, identifies known areas of weakness in IPv6 security and the current state of attack tools and hacker skills.
List of suggested topics:
1. Stateless Autoconfiguration:
- SEcure Neighbor Discovery (SEND) and IP Security (IPSec) interaction
- SEND certificates managements
- SEND implementation in resource constrain devices (mobile devices)
- Cryptographically Generated Addresses (CGA) interaction with Dynamic Host Configuration Protocol for IPv6 (DHCPv6)
- CGA interaction with Domain Name System (DNS)
2. Domain Name System:
- DNS and DNS Security Extensions (DNSSEC ) vulnerabilities
- Botnets and the application of currently available techniques being used to prevent the misuse of DNS (firewalls and monitoring systems)
- DHCPv6 and DNS attacks (available tools and new tools being implemented)
3. Inter-domain routing:
- The Border Gateway Protocol (BGP4)
- Routing protocols attacks
- Impact of IPv6 on Internet routing
- Internet service provider (ISP)policies
4. Other topics
- Intrusion detection system (IDS)
- IPv6 network monitoring
- IPv6 transition mechanisms security implications
- privacy implications of IPv6 addressing
- ...
Voraussetzungen
- Interest in network security
- A good knowledge of networking concepts is assumed (TCP/ IP stack …)
Literatur
- Scott Hogg and Eric Vyncke, "IPv6 Security", Cisco Press; 1 edition, 2009.
- Ron Aitchison,"Pro DNS and BIND 10", Apress, 2011. Chapter 5, “DNS and IPv6″
More references and papers will be provided based on the selected topic.
Lern- und Lehrformen
- You are expected to show up in all sessions
- You need to work in a team
- The team has to present their topic
- The team is expected to design, implement and test the selected security topic in a certain practical deployment scenario
- The team needs to write a report about their topic
Leistungserfassung
Your final evaluation will be based on:
- Participation in the seminar
- Implementation and testing the task
- Presentations
- Reports
Termine
- Tuesdays: 17:00 -18:30 (Room: HS 3)
Wednesdays: 13:30-15:00 (Room: HS 3) - 11.04.2012 (Wednesday): Introductory session (slides), use your HPI account credentials to access the slides.
- 17.04.2012 (Tuesday): Introductory session
- 25.04.2012: (Subscription deadline) - Introduction to SEND & DNSSEC
- To be determined
Zurück
