Improved Mechanism to Prevent Denial of Service Attack in IPv6 Duplicate Address Detection Process
Journal Title: International Journal of Advanced Computer Science & Applications - Year 2017, Vol 8, Issue 2
Abstract
From the days of ARPANET, with slightly over two hundred connected hosts involving five organizations to a massive global, always-on network connecting hosts in the billions, the Internet has become as important as the need for electricity and water. Internet Protocol version 4 (IPv4) could not sustain the growth of the Internet. In ensuring the growth is not stunted, a new protocol, i.e. Internet Protocol version 6 (IPv6) was introduced that resolves the addressing issue IPv4 had. In addition, IPv6 was also laden with new features and capabilities. One of them being address auto-configuration. This feature allows hosts to self-configure without the need for additional services. Nevertheless, the design of IPv6 has led to several security shortcomings. Duplicate Address Detection (DAD) process required for auto-configuration is prone to Denial of Service (DoS) attack in which hosts are unable to configure themselves to join the network. Various mechanisms, SeND, SSAS, and the most recent being Trust-ND, have been introduced to address this issue. Although these mechanisms were able to circumvent DoS attack on DAD process, they have introduced various side effects, i.e. complexities and degradation of performance. This paper reviews the shortcomings of these mechanism and proposes a new mechanism, Secure-DAD, that addresses them. The performance comparison between Trust-ND and Secure-ND also showed that Secure-DAD is more promising with improvement in terms of processing time reduction of 45.1% compared to Trust-ND while preventing DoS attack in IPv6 DAD process.
Authors and Affiliations
Shafiq Ul Rehman, Selvakumar Manickam
Keywords
Related Articles
- EP ID EP249033
- DOI 10.14569/IJACSA.2017.080209
- Views 113
- Downloads 0
Intrusion Detection System in Wireless Sensor Networks: A Review
The security of wireless sensor networks is a topic that has been studied extensively in the literature. The intrusion detection system is used to detect various attacks occurring on sensor nodes of Wireless Sensor Netwo...
Automatic Control of Colonoscope Movement for Modern Colonoscopy
The paper presents the mathematical realization of the trajectory that the colonoscope should have in the medical intervention, as well as the mathematical demonstration of the functions that make up the colonoscope. The...
Exploring Mechanisms for Pattern Formation through Coupled Bulk-Surface PDEs in Case of Non-linear Reactions
This work explores mechanisms for pattern forma-tion through coupled bulk-surface partial differential equations of reaction-diffusion type. Reaction-diffusion systems posed both in the bulk and on the surface on station...
Crowd Counting Mapping to make a Decision
Congestion typically occurs when the number of crowds exceeds the capacity of facilities. In some cases, when buildings have to be evacuated, people might be trapped in congestion and cannot escape from the building earl...
Design of Orthonormal Filter Banks based on Meyer Wavelet
A new design method for orthonormal FIR filter banks, which can be constructed using the generalized Meyer wavelet by taking into account the effect of time-shift factor, is proposed in this paper. These generalized Meye...