PROTECTING HOME AGENT CLIENT FROM IPv6 ROUTING HEADER VULNERABILITY IN MIXED IP NETWORKS

Mixed IPv4/IPv6 networks will continue to use mobility support over tunneling mechanisms for a long period of time until the establishment of IPv6 end-to-end connectivity. Encapsulating IPv6 traffi c within IPv4 increases the level of hiding internal contents. Thus, mobility in mixed IPv4/IPv6 networks introduces new security vulnerabilities. One of the most critical vulnerabilities associated with the IPv6 protocol is the routing header that potentially may be used by attackers to bypass the network security devices. This paper proposes an algorithm (V6HAPA) for protecting home agent clients from the routing header vulnerability, considering that the home agents reside behind an IPv4 Network Address Translation (NAT) router. The experimental results show that the V6HAPA provides enough confidence to protect the home agent clients from attackers.