Abstract

Abstract In this paper, we focus on one of the most prominent IPv6 transition technologies, namely Mapping of Address and Port using Translation (MAP-T), and we give attention to Mapping of Address and Port with Encapsulation (MAP-E) as well. We emphasize the uniqueness of MAP-T and MAP-E, and we discuss the differences between those two technologies, including their topology, functionality, and security vulnerabilities. We apply a threat modeling technique, Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege (STRIDE), to assess potential vulnerabilities in the MAP-T infrastructure. Furthermore, we build a testbed for MAP-T using the open-source software, Jool, and we conduct testing on the translation process capabilities of Jool and its port allocation per subscriber. Finally, we present various attacking scenarios against the main routers of MAP-T, such as IP address spoofing, information disclosure, and source port exhaustion, and we propose mitigation methods for several attacks.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.