Loading [a11y]/accessibility-menu.js
P4-NSAF: defending IPv6 networks against ICMPv6 DoS and DDoS attacks with P4 | IEEE Conference Publication | IEEE Xplore
Subscribe
ADVANCED SEARCH
Conferences >ICC 2022 - IEEE International...

P4-NSAF: defending IPv6 networks against ICMPv6 DoS and DDoS attacks with P4

PDF
Yubing Li; Wei Yang; Zhou Zhou; Qingyun Liu; Zhao Li; Shu Li
All Authors

Abstract:

Internet Protocol Version 6 (IPv6) is expected for widespread deployment worldwide. Such rapid development of IPv6 may lead to safety problems. The main threats in IPv6 n...Show More

Metadata

Abstract:

Internet Protocol Version 6 (IPv6) is expected for widespread deployment worldwide. Such rapid development of IPv6 may lead to safety problems. The main threats in IPv6 networks are denial of service (DoS) attacks and distributed DoS (DDoS) attacks. In addition to the similar threats in Internet Protocol Version 4 (IPv4), IPv6 has introduced new potential vulnerabilities, which are DoS and DDoS attacks based on Internet Control Message Protocol version 6 (ICMPv6). We divide such new attacks into two categories: pure flooding attacks and source address spoofing attacks. We propose P4-NSAF, a scheme to defend against the above two IPv6 DoS and DDoS attacks in the programmable data plane. P4-NSAF uses Count-Min Sketch to defend against flooding attacks and records information about IPv6 agents into match tables to prevent source address spoofing attacks. We implement a prototype of P4-NSAF with P4 and evaluate it in the programmable data plane. The result suggests that P4-NSAF can effectively protect IPv6 networks from DoS and DDoS attacks based on ICMPv6.
Published in: ICC 2022 - IEEE International Conference on Communications
Date of Conference: 16-20 May 2022
Date Added to IEEE Xplore: 11 August 2022
ISBN Information:

ISSN Information:

DOI: 10.1109/ICC45855.2022.9839137
Conference Location: Seoul, Korea, Republic of

Funding Agency:

No metrics found for this document.
Contents

I. Introduction

Internet Protocol version 6 (IPv6) is expected for rapid and widespread deployment worldwide. IPv6 is not compatible with IPv4 so the deployment of IPv6 leads to high costs. However, in November 2019, IPv4 addresses were exhausted completely [1]. For lack of available IPv4 addresses, IPv6 is expected to be developed rapidly. According to Google statistics, the proportion of global Internet users using IPv6 is reached 32.57% in November 2021, and the trend is still growing [2]. Popular network technologies, such as programmable data plane [3], are also robust supports for IPv6 networks.

Contact IEEE to Subscribe

References

References is not available for this document.

IEEE Account

Purchase Details

Profile Information

Need Help?

A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity.
© Copyright 2025 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.