Impacts evaluation of DoS attacks over IPv6 neighbor discovery protocol

Amjed Sid Ahmed, Rosilah Hassan, Nor Effendy Othman, Nor Idayu Ahmad, Yassir Kenish

Research output: Contribution to journalArticle

1 Citation (Scopus)

Abstract

The Neighbor Discovery Protocol (NDP) is one of the main protocols in the Internet Protocol version 6 (IPv6) suite. It provides many basic functions for the normal operations of IPv6 in a Local Area Network (LAN), such as address auto-configuration and address resolution. However, NDP has several vulnerabilities that can be used by malicious nodes to launch attacks, because NDP messages are easily spoofed. Surrounding this problem many solutions have been proposed for securing NDP but these solutions either proposed new protocols that need to be supported by all nodes or built mechanisms that require the cooperation of all nodes. In this paper we overview NDP vulnerabilities and available solutions to overcome their impacts on IPv6 network. In addition a research test bed setup to implement these vulnerabilities was introduced. Moreover attacks that prove these vulnerabilities are implemented on different types of operating systems, Windows and Linux platforms. Three network metrics throughput, delay and resources consumption have been chosen to investigate, analyze and evaluate the impacts of NDP related attacks on IPv6 link-local communication. Overall, the results had shown that performance of Linux based operating system is better than Windows based operating system.

Original languageEnglish
Pages (from-to)702-727
Number of pages26
JournalJournal of Computer Science
Volume15
Issue number5
DOIs
Publication statusPublished - 1 Jan 2019

Fingerprint

Internet protocols
Network protocols
Windows operating system
Denial-of-service attack
Computer operating systems
Local area networks
Throughput
Communication

Keywords

  • DoS
  • IPv6
  • NDP
  • SLAAC

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications
  • Artificial Intelligence

Cite this

Impacts evaluation of DoS attacks over IPv6 neighbor discovery protocol. / Ahmed, Amjed Sid; Hassan, Rosilah; Othman, Nor Effendy; Ahmad, Nor Idayu; Kenish, Yassir.

In: Journal of Computer Science, Vol. 15, No. 5, 01.01.2019, p. 702-727.

Research output: Contribution to journalArticle

Ahmed, Amjed Sid ; Hassan, Rosilah ; Othman, Nor Effendy ; Ahmad, Nor Idayu ; Kenish, Yassir. / Impacts evaluation of DoS attacks over IPv6 neighbor discovery protocol. In: Journal of Computer Science. 2019 ; Vol. 15, No. 5. pp. 702-727.
@article{609a30484c7c49ce9fa0a5429f88b8bf,
title = "Impacts evaluation of DoS attacks over IPv6 neighbor discovery protocol",
abstract = "The Neighbor Discovery Protocol (NDP) is one of the main protocols in the Internet Protocol version 6 (IPv6) suite. It provides many basic functions for the normal operations of IPv6 in a Local Area Network (LAN), such as address auto-configuration and address resolution. However, NDP has several vulnerabilities that can be used by malicious nodes to launch attacks, because NDP messages are easily spoofed. Surrounding this problem many solutions have been proposed for securing NDP but these solutions either proposed new protocols that need to be supported by all nodes or built mechanisms that require the cooperation of all nodes. In this paper we overview NDP vulnerabilities and available solutions to overcome their impacts on IPv6 network. In addition a research test bed setup to implement these vulnerabilities was introduced. Moreover attacks that prove these vulnerabilities are implemented on different types of operating systems, Windows and Linux platforms. Three network metrics throughput, delay and resources consumption have been chosen to investigate, analyze and evaluate the impacts of NDP related attacks on IPv6 link-local communication. Overall, the results had shown that performance of Linux based operating system is better than Windows based operating system.",
keywords = "DoS, IPv6, NDP, SLAAC",
author = "Ahmed, {Amjed Sid} and Rosilah Hassan and Othman, {Nor Effendy} and Ahmad, {Nor Idayu} and Yassir Kenish",
year = "2019",
month = "1",
day = "1",
doi = "10.3844/jcssp.2019.702.727",
language = "English",
volume = "15",
pages = "702--727",
journal = "Journal of Computer Science",
issn = "1549-3636",
publisher = "Science Publications",
number = "5",

}

TY - JOUR

T1 - Impacts evaluation of DoS attacks over IPv6 neighbor discovery protocol

AU - Ahmed, Amjed Sid

AU - Hassan, Rosilah

AU - Othman, Nor Effendy

AU - Ahmad, Nor Idayu

AU - Kenish, Yassir

PY - 2019/1/1

Y1 - 2019/1/1

N2 - The Neighbor Discovery Protocol (NDP) is one of the main protocols in the Internet Protocol version 6 (IPv6) suite. It provides many basic functions for the normal operations of IPv6 in a Local Area Network (LAN), such as address auto-configuration and address resolution. However, NDP has several vulnerabilities that can be used by malicious nodes to launch attacks, because NDP messages are easily spoofed. Surrounding this problem many solutions have been proposed for securing NDP but these solutions either proposed new protocols that need to be supported by all nodes or built mechanisms that require the cooperation of all nodes. In this paper we overview NDP vulnerabilities and available solutions to overcome their impacts on IPv6 network. In addition a research test bed setup to implement these vulnerabilities was introduced. Moreover attacks that prove these vulnerabilities are implemented on different types of operating systems, Windows and Linux platforms. Three network metrics throughput, delay and resources consumption have been chosen to investigate, analyze and evaluate the impacts of NDP related attacks on IPv6 link-local communication. Overall, the results had shown that performance of Linux based operating system is better than Windows based operating system.

AB - The Neighbor Discovery Protocol (NDP) is one of the main protocols in the Internet Protocol version 6 (IPv6) suite. It provides many basic functions for the normal operations of IPv6 in a Local Area Network (LAN), such as address auto-configuration and address resolution. However, NDP has several vulnerabilities that can be used by malicious nodes to launch attacks, because NDP messages are easily spoofed. Surrounding this problem many solutions have been proposed for securing NDP but these solutions either proposed new protocols that need to be supported by all nodes or built mechanisms that require the cooperation of all nodes. In this paper we overview NDP vulnerabilities and available solutions to overcome their impacts on IPv6 network. In addition a research test bed setup to implement these vulnerabilities was introduced. Moreover attacks that prove these vulnerabilities are implemented on different types of operating systems, Windows and Linux platforms. Three network metrics throughput, delay and resources consumption have been chosen to investigate, analyze and evaluate the impacts of NDP related attacks on IPv6 link-local communication. Overall, the results had shown that performance of Linux based operating system is better than Windows based operating system.

KW - DoS

KW - IPv6

KW - NDP

KW - SLAAC

UR - http://www.scopus.com/inward/record.url?scp=85067281572&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85067281572&partnerID=8YFLogxK

U2 - 10.3844/jcssp.2019.702.727

DO - 10.3844/jcssp.2019.702.727

M3 - Article

AN - SCOPUS:85067281572

VL - 15

SP - 702

EP - 727

JO - Journal of Computer Science

JF - Journal of Computer Science

SN - 1549-3636

IS - 5

ER -