Abstract
Nowadays more and more IoT devices, including a large number of IoT servers, have been deployed on the Internet. The security of IoT servers has always been a challenge. In this paper, a new model named addressless IoT server is proposed, which allows people to use the large IPv6 address space to protect IoT server security. The server is allocated an IPv6 prefix instead of an address. When the authenticated client initiates communication, it uses an encryption mechanism to generate a specific destination address under the prefix. The server verifies the destination address when receiving the packet, and discards the packet if the verification fails. In this way, the model can prevent attackers from perceiving the server and launching scans or attacks, while remains compatible with the current Internet. The prototype is implemented and an extensive set of experiments are conducted in this paper. The results demonstrate that the model can better protect server security.
Highlights
Starting from the birth of the Internet, the TCP/IP protocol has gradually become the most important infrastructure of the Internet, and the IPv4 protocol has been widely used after decades of development
The most significant difference between IPv6 and IPv4 is that IPv6 uses a 128-bit address instead of the 32bit address of IPv4, which provides a much larger address space for Internet devices
Previous studies have suggested that IPv6 address space can be used to protect the security, but no specific model has ever been proposed
Summary
Starting from the birth of the Internet, the TCP/IP protocol has gradually become the most important infrastructure of the Internet, and the IPv4 protocol has been widely used after decades of development. The IPv4 addresses are being exhausted nowadays since it did not expect the huge number of devices on the Internet when the IPv4 protocol was designed To address this problem, the IPv6 protocol specification (RFC 1883 [1]) was proposed by the Internet Working Group. R. Liu et al.: Addressless: Enhancing IoT Server Security Using IPv6 they need to provide uninterrupted and guaranteed Internet services to specific users. Previous studies have suggested that IPv6 address space can be used to protect the security, but no specific model has ever been proposed. Using the IPv6 address suffix to hold the encryption information is an innovative idea, in accordance with the mainstream development trend of the IPv6 network model. A new model named addressless IoT server is proposed, which introduces encryption into IPv6 addresses in the network layer to enhance server security.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have