Securing IPv6 link local communication using IPSec

Obstacles and challenges

Research output: Contribution to journalArticle

1 Citation (Scopus)

Abstract

Widely known as the Internet Protocol version 6 (IPv6), the Internetworking Protocol next generation (IPng) has emerged as a solution to the drawbacks of the Internet Protocol version 4. The main functions of the IPv6 are address autoconfiguration and router and neighbor discovery (ND). As a component of the IPng, the Neighbor Discovery protocol (NDP) allows the IPng to be redirected to a suitable hop node. Moreover, it detects identical addresses and unreachable nodes. However, many types of attacks (e.g., neighbor solicitation and advertisement spoofing, address theft, redirection, and denial of service) put the NDP at risk, especially when its security is weak. In the early development of the NDP, its node connections were deemed highly secure. Contrary to this notion, the security of the NDP when formally applied is obviously filled with loopholes. In the original design of the NDP, ND messages receive protection through the application of Internet protocol security (IPsec). However, the exact mechanism of such form of protection remains vague. Thus, we focus on the functions of and threats to the NDP. In addition, we explore the other aspects of the NDP, including its limitations in meeting its primary requirement of using IPsec to secure the local link communication in the IPv6 environment.

Original languageEnglish
Pages (from-to)11124-11128
Number of pages5
JournalAdvanced Science Letters
Volume23
Issue number11
DOIs
Publication statusPublished - 1 Nov 2017

Fingerprint

local communication
IPSec
Internet protocols
Internet
communication
Network protocols
Communication
Theft
Humulus
larceny
Security Protocols
protocol
threat
Vertex of a graph
Routers
Telecommunication links
Denial of Service

Keywords

  • Internet protocol security (IPsec)
  • Internet protocol version 6 (IPv6)
  • Neighbor discovery protocol (NDP)

ASJC Scopus subject areas

  • Computer Science(all)
  • Health(social science)
  • Mathematics(all)
  • Education
  • Environmental Science(all)
  • Engineering(all)
  • Energy(all)

Cite this

Securing IPv6 link local communication using IPSec : Obstacles and challenges. / Ahmed, Amjed Sid; Hassan, Rosilah; Othman, Nor Effendy.

In: Advanced Science Letters, Vol. 23, No. 11, 01.11.2017, p. 11124-11128.

Research output: Contribution to journalArticle

@article{155f9ebac83c49cfb421dfc9278672bb,
title = "Securing IPv6 link local communication using IPSec: Obstacles and challenges",
abstract = "Widely known as the Internet Protocol version 6 (IPv6), the Internetworking Protocol next generation (IPng) has emerged as a solution to the drawbacks of the Internet Protocol version 4. The main functions of the IPv6 are address autoconfiguration and router and neighbor discovery (ND). As a component of the IPng, the Neighbor Discovery protocol (NDP) allows the IPng to be redirected to a suitable hop node. Moreover, it detects identical addresses and unreachable nodes. However, many types of attacks (e.g., neighbor solicitation and advertisement spoofing, address theft, redirection, and denial of service) put the NDP at risk, especially when its security is weak. In the early development of the NDP, its node connections were deemed highly secure. Contrary to this notion, the security of the NDP when formally applied is obviously filled with loopholes. In the original design of the NDP, ND messages receive protection through the application of Internet protocol security (IPsec). However, the exact mechanism of such form of protection remains vague. Thus, we focus on the functions of and threats to the NDP. In addition, we explore the other aspects of the NDP, including its limitations in meeting its primary requirement of using IPsec to secure the local link communication in the IPv6 environment.",
keywords = "Internet protocol security (IPsec), Internet protocol version 6 (IPv6), Neighbor discovery protocol (NDP)",
author = "Ahmed, {Amjed Sid} and Rosilah Hassan and Othman, {Nor Effendy}",
year = "2017",
month = "11",
day = "1",
doi = "10.1166/asl.2017.10234",
language = "English",
volume = "23",
pages = "11124--11128",
journal = "Advanced Science Letters",
issn = "1936-6612",
publisher = "American Scientific Publishers",
number = "11",

}

TY - JOUR

T1 - Securing IPv6 link local communication using IPSec

T2 - Obstacles and challenges

AU - Ahmed, Amjed Sid

AU - Hassan, Rosilah

AU - Othman, Nor Effendy

PY - 2017/11/1

Y1 - 2017/11/1

N2 - Widely known as the Internet Protocol version 6 (IPv6), the Internetworking Protocol next generation (IPng) has emerged as a solution to the drawbacks of the Internet Protocol version 4. The main functions of the IPv6 are address autoconfiguration and router and neighbor discovery (ND). As a component of the IPng, the Neighbor Discovery protocol (NDP) allows the IPng to be redirected to a suitable hop node. Moreover, it detects identical addresses and unreachable nodes. However, many types of attacks (e.g., neighbor solicitation and advertisement spoofing, address theft, redirection, and denial of service) put the NDP at risk, especially when its security is weak. In the early development of the NDP, its node connections were deemed highly secure. Contrary to this notion, the security of the NDP when formally applied is obviously filled with loopholes. In the original design of the NDP, ND messages receive protection through the application of Internet protocol security (IPsec). However, the exact mechanism of such form of protection remains vague. Thus, we focus on the functions of and threats to the NDP. In addition, we explore the other aspects of the NDP, including its limitations in meeting its primary requirement of using IPsec to secure the local link communication in the IPv6 environment.

AB - Widely known as the Internet Protocol version 6 (IPv6), the Internetworking Protocol next generation (IPng) has emerged as a solution to the drawbacks of the Internet Protocol version 4. The main functions of the IPv6 are address autoconfiguration and router and neighbor discovery (ND). As a component of the IPng, the Neighbor Discovery protocol (NDP) allows the IPng to be redirected to a suitable hop node. Moreover, it detects identical addresses and unreachable nodes. However, many types of attacks (e.g., neighbor solicitation and advertisement spoofing, address theft, redirection, and denial of service) put the NDP at risk, especially when its security is weak. In the early development of the NDP, its node connections were deemed highly secure. Contrary to this notion, the security of the NDP when formally applied is obviously filled with loopholes. In the original design of the NDP, ND messages receive protection through the application of Internet protocol security (IPsec). However, the exact mechanism of such form of protection remains vague. Thus, we focus on the functions of and threats to the NDP. In addition, we explore the other aspects of the NDP, including its limitations in meeting its primary requirement of using IPsec to secure the local link communication in the IPv6 environment.

KW - Internet protocol security (IPsec)

KW - Internet protocol version 6 (IPv6)

KW - Neighbor discovery protocol (NDP)

UR - http://www.scopus.com/inward/record.url?scp=85040868107&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85040868107&partnerID=8YFLogxK

U2 - 10.1166/asl.2017.10234

DO - 10.1166/asl.2017.10234

M3 - Article

VL - 23

SP - 11124

EP - 11128

JO - Advanced Science Letters

JF - Advanced Science Letters

SN - 1936-6612

IS - 11

ER -