{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T02:13:24Z","timestamp":1743041604771,"version":"3.40.3"},"publisher-location":"Cham","reference-count":3,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319607733"},{"type":"electronic","value":"9783319607740"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>With a vastly different header format, IPv6 introduces new vulnerabilities not possible in IPv4, potentially requiring new detection algorithms. While many attacks specific to IPv6 have proven to be possible and are described in the literature, no detection solutions for these attacks have been proposed. In this study we identify and characterise IPv6-specific attacks that can be detected using flow monitoring. By constructing flow-based signatures, detection can be performed using available technologies such as NetFlow and IPFIX. To validate our approach, we implemented these signatures in a prototype, monitoring two production networks and injecting attacks into the production traffic.<\/jats:p>","DOI":"10.1007\/978-3-319-60774-0_11","type":"book-chapter","created":{"date-parts":[[2017,6,16]],"date-time":"2017-06-16T12:23:19Z","timestamp":1497615799000},"page":"137-142","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Flow-Based Detection of IPv6-specific Network Layer Attacks"],"prefix":"10.1007","author":[{"given":"Luuk","family":"Hendriks","sequence":"first","affiliation":[]},{"given":"Petr","family":"Velan","sequence":"additional","affiliation":[]},{"given":"Ricardo","family":"de O. Schmidt","sequence":"additional","affiliation":[]},{"given":"Pieter-Tjerk","family":"de Boer","sequence":"additional","affiliation":[]},{"given":"Aiko","family":"Pras","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,6,17]]},"reference":[{"key":"11_CR1","unstructured":"IPv6 L3 Threat Detection. https:\/\/github.com\/ut-dacs\/IPv6-L3-threat-detection\/"},{"issue":"5","key":"11_CR2","doi-asserted-by":"publisher","first-page":"20","DOI":"10.1145\/2677046.2677050","volume":"44","author":"R Hofstede","year":"2014","unstructured":"Hofstede, R., Hendriks, L., Sperotto, A., Pras, A.: SSH compromise detection using NetFlow\/IPFIX. ACM SIGCOMM CCR 44(5), 20\u201326 (2014)","journal-title":"ACM SIGCOMM CCR"},{"key":"11_CR3","unstructured":"Ullrich, J., Krombholz, K., Hobel, H., Dabrowski, A., Weippl, E.R.: IPv6 security: attacks and countermeasures in a nutshell. In: USENIX WOOT (2014)"}],"container-title":["Lecture Notes in Computer Science","Security of Networks and Services in an All-Connected World"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-60774-0_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,7,11]],"date-time":"2023-07-11T14:03:44Z","timestamp":1689084224000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-60774-0_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319607733","9783319607740"],"references-count":3,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-60774-0_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2017]]},"assertion":[{"value":"17 June 2017","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"AIMS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP International Conference on Autonomous Infrastructure, Management and Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Zurich","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Switzerland","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2017","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10 July 2017","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 July 2017","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"aims2017","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}