Preventing Denial of Service Attacks on Address Resolution in IPv6 Link-local Network: AR-match Security Technique

Capítulo de livro Revisado por pares

Preventing Denial of Service Attacks on Address Resolution in IPv6 Link-local Network: AR-match Security Technique

2018; Springer Science+Business Media; Linguagem: Inglês

10.1007/978-981-13-2622-6_30

ISSN

1876-1119

Autores

Ahmed K. Al-Ani, Mohammed Anbar, Selvakumar Manickam, Ayman Al-Ani, Yu‐Beng Leau,

Tópico(s)

IPv6, Mobility, Handover, Networks, Security

Resumo

Address resolution (AR) process, one of the important neighbor discovery protocol (NDP) functions, aims to obtain the corresponding relationship between Internet protocol and media access control addresses. This process uses two NDP messages, neighbor solicitation (NS) and neighbor advertisement (NA) messages, which are unsecure by design. In addition, the target address is revealed in the traditional AR process. Thus, any malicious node on the same link can modify the message and launch denial of service (DoS) attacks. The current mechanisms suffer from high-complexity issue or other forms of security issues that can induce DoS attack on AR in IPv6 link-local network. To overcome these limitations, this work proposes AR-match technique to secure AR process by hiding the target address by using a hash function algorithm and adding a new option named AR-match, which is attached to each NS and NA message for them to become NS- and NA-match messages, respectively. AR-match technique can provide a high security with less complexity and will completely prevent DoS attacks during AR in the IPv6 link-local network.

Ver no editor

Altmetric

PlumX

Entrar

Lembrar minha senha

Receber meu e-mail de confirmação

Preventing Denial of Service Attacks on Address Resolution in IPv6 Link-local Network: AR-match Security Technique