The Internet Address Space

2009 ◽  
pp. 139-186
Author(s):  
Laura DeNardis
Keyword(s):  
The Internet ◽  
Address Space ◽  
Internet Address

A White Hat Study of a Nation's Publicly Accessible Critical Digital Infrastructure and a Way Forward

2020 ◽  
pp. 1672-1685
Author(s):  
Timo Kiravuo ◽  
Seppo Tiilikainen ◽  
Mikko Särelä ◽  
Jukka Manner
Keyword(s):  
Control Systems ◽  
Critical Infrastructure ◽  
The Internet ◽  
Address Space ◽  
Government Officials ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Playing Field ◽  
Internet Address ◽  
Nation States

The developed society depends on many critical infrastructure processes, such as power generation, water treatment, many types of manufacturing, and smart buildings. These processes need control and the automation industry has embraced the Internet to connect all these controls. However, the controlling devices thus opened to the world do not always have adequate safeguards to withstand malicious users. Many automation systems have default passwords or known and unknown backdoors. Also, often those systems are not updated to close security weaknesses found after original installation. The authors argue that while the industry is familiar with the notion of safety of equipment and processes, it has not focused enough on IT security. Several years ago the Shodan search engine showed how easy it is to find these control devices on the Internet. The authors followed this research line further by targeting one nation's IP address space with Shodan and found thousands of control systems, many of which represent models and versions with known vulnerabilities. Their first contribution is presenting these findings and analyzing their significance. Their study started in 2012 and the most recent results are from the end of 2015. To gain further knowledge, they have built a prototype scanner capable of finding industrial control systems. This lets the authors evaluate the possibility of performing routine scans to gauge the vulnerability of a nation. Their second contribution is to present a template for a national Internet scanning program. The authors discuss the technology, performance, and legality of such a program. Based on their findings and analysis they argue that nations should continuously monitor their own Internet address space for vulnerabilities. The authors' findings indicate that the current level of vulnerabilities is significant and unacceptable. Scanning a nation's critical infrastructure can be done in minutes, allowing them to keep a tight control of vulnerabilities. Yet, in addition, the authors need to extend current legislation and the rights of government officials to bring more security in national critical infrastructures; this discussion is their third contribution. The cyber-space has become a playing field for criminals, terrorists and nation states, all of which may have a motive to disrupt the daily life of a nation, and currently causing such disruptions is too easy.

A White Hat Study of a Nation's Publicly Accessible Critical Digital Infrastructure and a Way Forward

2016 ◽  
Vol 6 (1) ◽  
pp. 41-52
Author(s):  
Timo Kiravuo ◽  
Seppo Tiilikainen ◽  
Mikko Särelä ◽  
Jukka Manner
Keyword(s):  
Control Systems ◽  
Critical Infrastructure ◽  
The Internet ◽  
Address Space ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Playing Field ◽  
Internet Address ◽  
Nation States ◽  
Automation Systems

The developed society depends on many critical infrastructure processes, such as power generation, water treatment, many types of manufacturing, and smart buildings. These processes need control and the automation industry has embraced the Internet to connect all these controls. However, the controlling devices thus opened to the world do not always have adequate safeguards to withstand malicious users. Many automation systems have default passwords or known and unknown backdoors. Also, often those systems are not updated to close security weaknesses found after original installation. The authors argue that while the industry is familiar with the notion of safety of equipment and processes, it has not focused enough on IT security. Several years ago the Shodan search engine showed how easy it is to find these control devices on the Internet. The authors followed this research line further by targeting one nation's IP address space with Shodan and found thousands of control systems, many of which represent models and versions with known vulnerabilities. Their first contribution is presenting these findings and analyzing their significance. Their study started in 2012 and the most recent results are from the end of 2015. To gain further knowledge, they have built a prototype scanner capable of finding industrial control systems. This lets the authors evaluate the possibility of performing routine scans to gauge the vulnerability of a nation. Their second contribution is to present a template for a national Internet scanning program. The authors discuss the technology, performance, and legality of such a program. Based on their findings and analysis they argue that nations should continuously monitor their own Internet address space for vulnerabilities. The authors' findings indicate that the current level of vulnerabilities is significant and unacceptable. Scanning a nation's critical infrastructure can be done in minutes, allowing them to keep a tight control of vulnerabilities. Yet, in addition, the authors need to extend current legislation and the rights of government officials to bring more security in national critical infrastructures; this discussion is their third contribution. The cyber-space has become a playing field for criminals, terrorists and nation states, all of which may have a motive to disrupt the daily life of a nation, and currently causing such disruptions is too easy.

scholarly journals Study and Optimized Simulation of OSPFv3 Routing Protocol in IPv6 Network

2019 ◽  
pp. 11-16
Author(s):  
Md. Anwar Hossain ◽  
Mst. Sharmin Akter
Keyword(s):  
Routing Protocol ◽  
Routing Protocols ◽  
Internet Protocol ◽  
The Internet ◽  
Address Space ◽  
Next Generation Internet ◽  
Ipv6 Address ◽  
Ipv6 Network ◽  
Packet Tracer

Routing is a design way to pass the data packet. User is assigns the path in a routing configuration. A significant role played by the router for providing the dynamic routing in the network. Structure and Configuration are different for each routing protocols. Next generation internet protocol IPv6 which provides large address space, simple header format. It is mainly effective and efficient routing. It is also ensure good quality of service and also provide security. Routing protocol (OSPFv3) in IPv6 network has been studied and implemented using ‘cisco packet tracer’. ‘Ping’ the ping command is used to check the results. The small virtual network created in Cisco platform .It is also used to test the OSPFv3 protocol in the IPv6 network. This paper also contains step by step configuration and explanation in assigning of IPv6 address in routers and end devices. The receiving and sending the packet of data in a network is the responsibility of the internet protocol layer. It also contains the data analysis of packet forwarding through IPv6 on OSPFv3 in simulation mode of cisco packet virtual environment to make the decision eventually secure and faster protocol in IPv6 environment.

APT

Fog Computing ◽  
2018 ◽  
pp. 158-182
Author(s):  
Dan Jen ◽  
Michael Meisel ◽  
Daniel Massey ◽  
Lan Wang ◽  
Beichuan Zhang ◽  
...  
Keyword(s):  
Performance Evaluation ◽  
Service Providers ◽  
The Internet ◽  
Global Routing ◽  
Internet Routing ◽  
Internet Address ◽  
Routing Table ◽  
The Cost ◽  
Edge Networks ◽  
Extensive Performance

The global routing system has seen a rapid increase in table size and routing changes in recent years, mostly driven by the growth of edge networks. This growth reflects two major limitations in the current architecture: (a) the conflict between provider-based addressing and edge networks' need for multihoming, and (b) flat routing's inability to provide isolation from edge dynamics. In order to address these limitations, we propose A Practical Tunneling Architecture (APT), a routing architecture that enables the Internet routing system to scale independently from edge growth. APT partitions the Internet address space in two, one for the transit core and one for edge networks, allowing edge addresses to be removed from the routing table in the transit core. Packets between edge networks are tunneled through the transit core. In order to automatically tunnel the packets, APT provides a mapping service between edge addresses and the addresses of their transit-core attachment points. We conducted an extensive performance evaluation of APT using trace data collected from routers at two major service providers. Our results show that APT can tunnel packets through the transit core by incurring extra delay on up to 0.8% of all packets at the cost of introducing only one or a few new or repurposed devices per AS.

Construction Security Architecture of the Internet of Things Based on IPv6 Technology

2013 ◽  
Vol 760-762 ◽  
pp. 1936-1941
Author(s):  
Guo Fang Kuang ◽  
Chun Lin Kuang
Keyword(s):  
Internet Of Things ◽  
Mobile Ipv6 ◽  
Security Policies ◽  
The Internet ◽  
Security Architecture ◽  
Address Space ◽  
Safety Issues ◽  
Ipv6 Address ◽  
Wide Range ◽  
The Internet Of Things

IPv6 has huge address space, while 128 bit IPv6 address is divided into two parts, namely the address prefix and the interface address. IPv6 provides a wide range of security policies for Internet of Things safety system. The security of the Internet of Things applications interface IPv6 address can be used to identify the node. This paper proposes construction security architecture of the Internet of Things based on IPv6 technology. In the allocation of the state address safety issues and mobile IPv6 binding buffer security update issues, are able to meet the security needs of the Internet of Things.

Sign in / Sign up

Export Citation Format

Share Document