**2.5 IPv6**

*Computer and Network Security*

5. "Fragment Offset" field

6. "Source Address" field

build the packets.

9. "Options" field

10."Padding" field

being injected.

Two different options need to be considered:

**2.4 Injection's result**

8. "Destination Address" field

injection of information.

sible for delivering the package.

You can change the value of the "Fragment Offset" field. The best option is when the DF flag is set to "0," since the fragmentation strategy is designed so that an unfragmented datagram in all fields related to fragmentation has zero values. This means, despite the fact that the flag prevents fragmentation, we can still implement it in the offset of the fragment, but the fact of identifica-

7.It should be noted that manipulation is possible only on the condition that the package consists of hidden source data. Since the manipulation will not be caused by the source of the information, the receiving site could not properly

IPv4-in IPv6 headers can be encapsulated using the IPv4 Destination Address field to insert information into it. In this case, the IPv6 header will be respon-

The value of the options field is limited in the IPv4 header, and as a result of the analysis, we are trying to determine any field value that may appear in this type of field. So we may try to determine the incorrect significant of this field, the appearance of which indicates the possible malicious activity on the

This field goes after value 0x00 of the "Options" field; the value is the EOL and takes up to 32-bit header boundaries. The interest in this manipulation is that after the optional EOL, the equipment does not examine headers on 32-bit boundaries; this means that these bytes are invisible to network devices and sniffer. Although the analysis of this field is simple enough, the EOL up to 32-bit header boundaries must be set to "0" at the standard behind the "Options" field, causing any other value of this field to indicate that the data is

The standard IPv4 header size with options and fields with padding is 320 bits.

1.IPv4 is a carrier and is responsible for packet addressing. Due to manipulation, 182 bits can be used, which is 56.88% of the total number of bits. This volume allows you to insert 22 symbols from 8 bits in ASCII encoding into the header.

tion of the manipulation becomes more detectable.

You can change the "Source Address" field value.

**78**

*2.5.1 Header of IPv6*

The header's format of IPv6 is presented in **Figure 2**.

1. "Traffic Class" field

You can change the "Traffic Class" value arbitrarily. This manipulation cannot be detected by analysis.

2. "Flow description" field

You can change the value of the "Flow Label" field.

This manipulation cannot be detected by the packet sniffer.

3. "Load Length" field

It is possible to increase the size of this field when adding data to the end of the original IP packet, like IPv4. This modification cannot be detected by the packet sniffer.

**Figure 2.** *Header format of IPv6.*

4. "Source Address" field

You have the possibility to change the data of this field at IPv4 format, but international standards from the IPv6 community do not recommend using it as a source address.

5. "Destination Address" field

In this protocol, you can use the IPv6 "Destination Address" field in the IPv4 encapsulation header to load information into it. In this case, the IPv4 header will be responsible for the packet delivery.

This manipulation cannot be detected by the packet sniffer.
