Improved Mechanism to Prevent Denial of Service Attack in IPv6 Duplicate Address Detection Process
Journal Title: International Journal of Advanced Computer Science & Applications - Year 2017, Vol 8, Issue 2
Abstract
From the days of ARPANET, with slightly over two hundred connected hosts involving five organizations to a massive global, always-on network connecting hosts in the billions, the Internet has become as important as the need for electricity and water. Internet Protocol version 4 (IPv4) could not sustain the growth of the Internet. In ensuring the growth is not stunted, a new protocol, i.e. Internet Protocol version 6 (IPv6) was introduced that resolves the addressing issue IPv4 had. In addition, IPv6 was also laden with new features and capabilities. One of them being address auto-configuration. This feature allows hosts to self-configure without the need for additional services. Nevertheless, the design of IPv6 has led to several security shortcomings. Duplicate Address Detection (DAD) process required for auto-configuration is prone to Denial of Service (DoS) attack in which hosts are unable to configure themselves to join the network. Various mechanisms, SeND, SSAS, and the most recent being Trust-ND, have been introduced to address this issue. Although these mechanisms were able to circumvent DoS attack on DAD process, they have introduced various side effects, i.e. complexities and degradation of performance. This paper reviews the shortcomings of these mechanism and proposes a new mechanism, Secure-DAD, that addresses them. The performance comparison between Trust-ND and Secure-ND also showed that Secure-DAD is more promising with improvement in terms of processing time reduction of 45.1% compared to Trust-ND while preventing DoS attack in IPv6 DAD process.
Authors and Affiliations
Shafiq Ul Rehman, Selvakumar Manickam
Keywords
Related Articles
- EP ID EP249033
- DOI 10.14569/IJACSA.2017.080209
- Views 116
- Downloads 0
An Internet-based Student Admission Screening System utilizing Data Mining
This study aimed to propose an internet-based student admission screening system utilizing data mining in order for officers to reduce time to evaluate applicants as well as for the faculty to use less human resources on...
Systematic and Integrative Analysis of Proteomic Data using Bioinformatics Tools
The analysis and interpretation of relationships between biological molecules is done with the help of networks. Networks are used ubiquitously throughout biology to represent the relationships between genes and gene pr...
Comparison of Intelligent Methods of SOC Estimation for Battery of Photovoltaic System
It is essential to estimate the state of charge (SOC) of lead-acid batteries to improve the stability and reliability of photovoltaic systems. In this paper, we propose SOC estimation methods for a lead-acid battery usin...
HOG-AdaBoost Implementation for Human Detection Employing FPGA ALTERA DE2-115
Human detection system using Histogram of Oriented Gradients (HOG) feature and AdaBoost classifier (HOG-AdaBoost) in FPGA ALTERA DE2-115 are presented in this paper. This work is expanded version from our previous study....
A Proposed Framework to Investigate the User Acceptance of Personal Health Records in Malaysia using UTAUT2 and PMT
Personal Health Records (PHRs) can be considered as one of the most important health technologies. PHRs enroll the patients directly to their health decision making through giving them the authority to control and share...