Article Per Year (5 Year)
p-Index From 2021 - 2026
0.61
P-Index
This Author published in this journals
All Journal International Journal of Electrical and Computer Engineering Bulletin of Electrical Engineering and Informatics Indonesian Journal of Electrical Engineering and Computer Science
Anazel P. Gamilla
Central Luzon State University
Computer Science & IT Electrical & Electronics Engineering

Published : 3 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 3 Documents
Search

 1 
Denial of service attack: an analysis to IPv6 extension headers security nightmares Marlon A. Naagas; Anazel P. Gamilla
International Journal of Electrical and Computer Engineering (IJECE) Vol 12, No 3: June 2022
Publisher : Institute of Advanced Engineering and Science

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.11591/ijece.v12i3.pp2922-2930

Abstract

Dealing with scarcity issues of Internet protocol version 4 (IPv4), internet engineering task force (IETF) developed Internet protocol version 6 (IPv6) to support the needs of IP addresses for future use of the internet, however, one challenge that must be faced while transitioning to IPv6 is in the area of security. IPv6 is a new protocol that has many new probabilities for attackers to exploit the protocol stack and one of them is through IPv6 extension headers. Mishandling of extension headers are the security nightmares for network administrators, allowing for new security threats that will cause denial of service (DoS). As a result, the mishandling of IPv6 extension Headers creates new attack vectors that could lead to DoS–which can be exploited for different purposes, such as creating covert channels, fragmentation attacks, and routing header 0 attacks. Furthermore, this paper becomes proof of concepts that even to this day our well-known network devices are still exploitable by these attack vectors.
Header of death: security implications of IPv6 extension headers to the open-source firewall Anazel P. Gamilla; Marlon A. Naagas
Bulletin of Electrical Engineering and Informatics Vol 11, No 1: February 2022
Publisher : Institute of Advanced Engineering and Science

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.11591/eei.v11i1.3446

Abstract

IPv6 extension headers (EHs) contain additional information utilized by network devices (such as routers and firewalls) to determine how to direct or process an IPv6 packet. However, the use of excessive and unknown EHs can lead to the security implications such as evasion and denial of service (DoS) of the target firewall. Study revealed that there is no permanent remediation that prevents the IPv6 EHs attack from invading the open-source firewalls by default. Using IPv6 packet manipulations technique, the attacker can evade the target network including the firewall and target host that can lead to a complete unavailability of network service. The common vulnerability scoring system (CVSS) also indicates that the base, temporal, and environment metric groups of IPv6 EHs vulnerabilities were in the critical level of severity. Quick and dirty solutions such as denying and allowing packets and IP addresses as preventive measures is still one of the effective ways of defending against the EHs packet manipulation attacks, as a temporary solution to date.
Enhancing reconnaissance security: a 2-tier deception-driven model approach (2TDDSM) Anazel P. Gamilla; Thelma D. Palaoag; Marlon A. Naagas
Indonesian Journal of Electrical Engineering and Computer Science Vol 34, No 3: June 2024
Publisher : Institute of Advanced Engineering and Science

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.11591/ijeecs.v34.i3.pp1999-2006

Abstract

The emergence of network security has revolutionized the way educational institutions operate, providing advanced connectivity, enhanced communication, and efficient management of resources. However, with the increasing dependence on interconnected systems, institutions and organizations became vulnerable targets for cyber threats. To address these security challenges, a two-tier deception-driven model specifically designed to for the initial phase of attacks in reconnaissance period where the adversaries is to gather information of the targets. Defending threats in this phase can provide active and proactive defense allowing the administrator to identify potential attackers and understanding their methods, motivation and potential target assets. The model's layered approach creates a resilient defense mechanism that aligns with the advanced deception techniques which aims to misguide potential threats attempting to gather intelligence within the network.
Co-Authors Marlon A. Naagas Thelma D. Palaoag