Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Probing method for secure neighbor discovery operation mode based on certificate request

A technology of operation mode and neighbor discovery, applied in the field of communication, can solve the problems such as the ineffective development and limitations of SEND-related information detection technology research, and achieve the effect of improving security performance, ensuring network communication security, and strengthening application prospects.

Active Publication Date: 2020-05-05
PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, IPv6-related detection technologies are mostly limited to topology discovery, operating system detection, worm propagation model, tunnel discovery, and path maximum transmission unit (PMTU) detection. Research on SEND-related information detection technology has not yet been effectively carried out.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Probing method for secure neighbor discovery operation mode based on certificate request
  • Probing method for secure neighbor discovery operation mode based on certificate request
  • Probing method for secure neighbor discovery operation mode based on certificate request

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0020] In order to make the purpose, technical solution and advantages of the present invention more clear and understandable, the present invention will be further described in detail below in conjunction with the accompanying drawings and technical solutions.

[0021] For the situation that the authentication process of the IPv6 router is independent of the ND mechanism, which brings difficulties to SEND operation detection, etc., in the embodiment of the present invention, see figure 1 As shown, a certificate request-based secure neighbor discovery operation mode detection method is provided, which includes the following content:

[0022] S101) The detection node initiates an authorization entrustment discovery ADD process, and requests the router certificate chain;

[0023] S102) Waiting for the response message and analyzing the router response, judging whether the authentication center provides a certificate issuance service for the target subnet security neighbor discov...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention belongs to the technical field of communication, and relates to a certificate request-based secure neighbor discovery operation mode detection method, which comprises the following steps: enabling a detection node to initiate an authorization delegation discovery (ADD) process to request a router certificate chain; waiting for a response message and analyzing the router correspondence, and judging whether the authentication center provides certificate signing and issuing service for a target subnet security neighbor discovery (SEND) mechanism or not; extracting a router certificate chain, aiming at the situation that the authentication center provides signing and issuing service and the situation that the authentication center does not provide certificate signing and issuingservice, proving a target subnet SEND operation mode through a node set contained in the target subnet, and constructing an information table associated with target IPv6 subnet router identity authentication. According to the invention, the difficulty of SEND operation detection due to the fact that the IPv6 router authentication process is independent of the ND mechanism is overcome. According tothe method, the running mode type of the target IPv6 subnet SEND mechanism and the trust model type on which the authentication center depends can be effectively detected, the SEND environment safetyof the IPv6 network is improved, the network communication safety performance is ensured, and the method has a relatively strong application prospect.

Description

technical field [0001] The invention belongs to the technical field of communication, in particular to a method for detecting a safe neighbor discovery operation mode based on a certificate request. Background technique [0002] IPv6 subnet ND (Neighbor Discovery, neighbor discovery) security mechanism SEND (Secure NeighborDiscovery, secure neighbor discovery) enhances the security of IPv6 subnet neighbor discovery, router discovery and redirection process, and more and more IPv6 nodes deploy SEND mechanism. However, the SEND mechanism itself has certain security risks and is subject to some attacks, such as CGA authentication flaws, time-memory trade-off attacks, and router authorization attacks. At present, research on the SEND protocol focuses on protocol analysis and optimization, security improvement, application expansion, address generation speed-up, protocol implementation, and lightweight. Scanning and information collection attacks are security threats that the n...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/0823H04L63/20
Inventor 张连成孙建平郭毅燕菊维
Owner PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com