Integrated cyber attack analysis platform "NIRVANA Kai" supports IPv6

image: Visualization of IPv6 address space by NIRVANA revision for IPv6. Each orange panel, lined up horizontally and vertically, represents an active IP address block where IPv6 communication has been observed (/16 in this figure). The light blue triangular pyramid objects represent IPv6 packets, and flexible visualization settings such as real-time display of each packet and filtering by IP address/port number are available.

Image: 
©National Institute of Information and Communications Technology

[Highlights]

- Integrated cyber attack analysis platform "NIRVANA Kai" newly supports IPv6 and enhances its functions.

- Observation of IPv6 communications, collection of IPv6-related alerts, and real-time visualization of IPv6 networks.

- Expected to simplify security operations in IPv6 networks.

[Abstract]

The Cybersecurity Laboratory of the National Institute of Information and Communications Technology (NICT, President: TOKUDA Hideyuki, Ph.D.) has enhanced its cyber attack integrated analysis platform "NIRVANA Kai" to support the Internet Protocol version 6 (IPv6), the successor to IPv4. NIRVANA Kai has succeeded in real-time visualization of packets flowing in the vast address space of IPv6 for the first time in the world. Until now, NIRVANA Kai has only been able to observe and analyze IPv4 communications, however, with the new support for IPv6 communications, it is expected to be useful for security measures for more diverse and extensive networks.

[Achievements]

NIRVANA revision has been enhanced to support IPv6 in all parts of the system (communication observation, alert collection, visualization, etc.). In particular, the visualization section has succeeded in efficiently visualizing the vast IPv6 address space by dynamically adding active IP address blocks where communication has been observed (see Figures 1 to 3). In addition, an indicator has been newly implemented to improve the visibility of the current position in the hierarchical structure of the IPv6 address space (see the rightmost part of Figure 2). Furthermore, IPv6-related alert information issued by security appliances is also supported, and filtering by IPv6 address is now possible (see Figure 2).

[Future Prospects]

With NIRVANA revision supporting IPv6 communication, the application range of the system will be significantly expanded, and security operations in IPv6 networks will be simplified.

Credit: 
National Institute of Information and Communications Technology (NICT)