The deployment of Internet Protocol version 6 (IPv6) has raised security concerns among the network administrators. Thus, in strengthening the network security, administrator requires an appropriate method to assess the possible risks that occur in their networks. Aware of the needs to calculate risk in IPv6 network, it is essential to an organization to have an equation that is flexible and consider the requirements of the network. However, the existing risk assessment equations do not consider the requirement of the network. Therefore, this paper presents the adaptation of grounded theory to search for elements that are needed to develop IPv6 risk assessment (IRA6) equation. The attack scenarios’ experiments; UDP Flooding, TCP Flooding and Multicast attacks were carried out in different network environment to show how the IPv6 risk assessment equation being used. The result shows that the IRA6 equation is more flexible to be used regardless the network sizes and easier to calculate the risk value compared to the existing risk assessment equations. Hence, network administrators can have a proper decision making and strategic planning for a robust network security.
Escalation of Internet-of-Thing (IoT) may cause internet users being exposed to IPv6 security issues. End-to-end connection feature in IPv6 can be misused by attackers to flood targeted host. Using User Datagram Protocol (UDP), attackers can certainly congest the network by injecting UDP packets during network communication. This will introduce risk if there is no precaution step taken. Enhanced risk assessment equation can be adopted to mitigate the perils. Thus, this paper presents the use of enhanced risk assessment equation to identify risk value that is caused by UDP flooding attack. The attack was simulated using OMNeT++ simulation software. The inputs that were considered in the enhanced equation are based on the features of the tested network scenarios. The obtained risk value can be used in determining appropriate mitigation techniques that help the organization in maintaining and strengthening their network. It also offers organization to secure their network resources and assets. Furthermore, this paper also reveals that the enhanced risk assessment equation is flexible to be used in any situation. Hereafter, more IPv6 based protocols will be tested to measure the capability of using the enhanced equation.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.