Dynamics of abusive IPv6 networks
Turner, Mark J.
MetadataShow full item record
The exhaustion of available public IPv4 addresses has had a significant impact in an expanding, networked world and has led to increased adoption of IPv6. As IPv6 becomes more commonplace, it permits abusive and malicious parties to exploit both new and existing vulnerabilities. Among such vulnerabilities is abusive electronic messaging, or spam. To better understand the impact of spam utilizing IPv6 as its delivery protocol, this study focused on both real-world IPv6 spam collected from large production domain and IPv6 spam laboratory measurements. This study used various network traffic analysis tools to detect, classify, and associate IPv6 spamming behavior, both at the victim mail exchanger and among IPv6 wide-area routes. Furthermore, popular mail transfer agents were tested in an effort to profile their IPv6 behavior and correlate with spam obtained from the real world production domain. Results show that while IPv6 spamming behavior is growing, it is still in its infancy and no outstanding characteristics emerged that allow for definitive classification as a dominant IPv6 spamming behavior.
Approved for public release; distribution is unlimited
Showing items related by title, author, creator and subject.
Nolan, Le E. (Monterey, California. Naval Postgraduate School, 2012-09);This thesis investigates a novel approach to identifying discriminating features of communications involving abusive hosts. The technique uses per-packet TCP header and timing features to identify congestion, flow-control, ...
Nguyen, Thuy D. (2016-12); NPS-CS-16-004Network security monitoring is an important element in incident response and forensics investigation. Most forensic investigators are trained to recognize abusive network behavior in conventional information systems, but ...
Nguyen, Thuy D.; Irvine, Cynthia E. (2017-04);Most forensic investigators are trained to recognize abusive network behavior in conventional information systems, but they may not know how to detect anomalous traffic patterns in industrial control systems (ICS) that ...