Affordable Access

Defence mechanisms evaluation against RA flood attacks for Linux Victim Node

Authors
  • Kolahi, Samad
  • Barmada, Bashar
  • Mudaliar, Keysha
Publication Date
Dec 01, 2017
Source
Unitec Research Bank
Keywords
Language
English
License
Unknown

Abstract

This research evaluates the performance of different defence mechanisms used in IPv6 networks to protect against router advertisement (RA) flood attacks that rely in ICMPv6 Router Advertisement messages to flood the network. Three types of RA flood attacks are considered: the default RA flood attack, RA flood attack with fragmented packets and RA flood attack with extended header packets. The victim machine is considered to be Linux Debian operating system. The defence mechanisms analysed here are: Access Control Lists, Disable Router Discovery, RA Guard, Validate Source MAC and VLAN. The performance is measured according to TCP throughput, TCP round-trip time (RTT) and CPU utilisation.

Report this publication

Statistics

Seen <100 times