Change search
ReferencesLink to record
Permanent link

Direct link
Denial of Service attack in IPv6 networks and counter measurements
Halmstad University, School of Information Technology.
Halmstad University, School of Information Technology.
2016 (English)Independent thesis Advanced level (degree of Master (One Year)), 40 credits / 60 HE creditsStudent thesis
Abstract [en]

This thesis describes and expresses the different IPv6 based cyber-attacks which could result in the Denial of Service (DoS) on the IPv6 network. IPv6 is the next generation internet protocol and the demand of its benefits is implacable. Therefore, we tried to answer to the following questions:

How effective is DoS in IPv6 networks?

How to protect IPv6 networks from DoS?

The effect of implementing new changes in network often leads to new challenges and security breaches that make IP based networks challenging to monitor and defense. Better understanding of types of network and traffic requirements will assist in building robust network.

The project done for this thesis is based on investigating the strength of some possible methods of launching the DoS on future solely IPv6 networks with open source tools. Moreover, it is based to signify how differently some network devices respond to this type of attack either locally or remotely in respect of the CPU utilization and the bandwidth usage. Packet analyzer is used to capture and analyze these attacks. The DoS attacks in this project include the protocols IPv6, ICMPv6 and TCP with two different category methods and variety of different IPv6 extension headers and packet formats.

While the extension header mechanism is an important part of the IPv6 architecture, by taking advantage of it including the hop-by-hop option, router alert, AH and specially packets with big size extension headers which cause slow processing, we achieved the goal to strangle the nodes (specially routers) with the high CPU utilization in the project test environment. We also tested the efficacy of IPv6 fragmentation with 36 different options and their results are represented on 3 different areas of the network.


This thesis has concentrated on different kinds of attacks that have low impact on the local area devices such as the default gateway router but very high impact on the targets’ devices (remotely) with different autonomous system number that an attacker would not have any administrative control on. Some of the attacks expressed in this thesis need future work and analysis since they are out of scope for this work and therefore we just illustrate the result of these tests.  


The results of this thesis can be used for judgmental evaluation of the IPv6 security against DoS attack.

Place, publisher, year, edition, pages
2016. , 89 p.
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
URN: urn:nbn:se:hh:diva-30204OAI: diva2:896095
Subject / course
Computer Network Engineering
2015-11-17, E320, Halmstad Universty, 13:00 (English)
Available from: 2016-01-25 Created: 2016-01-20 Last updated: 2016-01-25Bibliographically approved

Open Access in DiVA

fulltext(3887 kB)202 downloads
File information
File name FULLTEXT01.pdfFile size 3887 kBChecksum SHA-512
Type fulltextMimetype application/pdf

By organisation
School of Information Technology
Electrical Engineering, Electronic Engineering, Information Engineering

Search outside of DiVA

GoogleGoogle Scholar
Total: 202 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 1059 hits
ReferencesLink to record
Permanent link

Direct link