Skip to main content
SpringerLink
Log in

Proposed DAD-match Mechanism for Securing Duplicate Address Detection Process in IPv6 Link-Local Network Based on Symmetric-Key Algorithm

  • Conference paper
  • First Online:
Computational Science and Technology (ICCST 2017)

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 488))

Included in the following conference series:

Abstract

Duplicate address detection (DAD) is an essential procedure of neighbor discovery protocol (NDP). Further, DAD process decides in case an IP address is in conflict with other nodes. In usual DAD process, the target address to be identified is multicast via the network, which provides an ability for malicious nodes to attack. A malicious node can send a spoofing reply to prevent the address configuration of a normal node, and thus, a denial of service (DoS) attack is launched. This study proposes a new mechanism to hide the target address in DAD, which prevents an attack node from reaching target node. If the address of a normal node is identical to the detection address, then its IP address should be able to decrypt the random word and compare the decryption with decryption in “DADmatch” tag. Consequently, DAD can be successfully completed. This process is called DAD-match. We expect DAD-match will provide a lightweight security resolution and less complexity as well as fully prevent of DoS attacks during DAD process in IPv6 link-local network.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 249.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 219.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Deering, S.E.: Internet Protocol, Version 6 (IPv6) Specification (1998)

    Google Scholar 

  2. IPv6 – Google Statistics (2017). https://www.google.com/intl/en/ipv6/statistics.html. Accessed 13 Apr 2017

  3. Stockebrand, B.: IP security (IPsec). IPv6 Practice. A Unixer’s Guide to Next Generation Internet, pp. 311–317 (2007)

    Google Scholar 

  4. Atay, S., Masera, M.: Challenges for the security analysis of next generation networks. Inf. Secur. Tech. Rep. 16(1), 3–11 (2011)

    Article  Google Scholar 

  5. Huston, G.: A rough guide to address exhaustion. Internet Protoc. J. 14(1), 2–11 (2011)

    Google Scholar 

  6. Arkko, J., Aura, T., Kempf, J., Mäntylä, V.-M., Nikander, P., Roe, M.: Securing IPv6 neighbor and router discovery. In: Proceedings of the 1st ACM Workshop on Wireless Security, pp. 77–86 (2002)

    Google Scholar 

  7. Narten, T., Simpson, W.A., Nordmark, E., Soliman, H.: Neighbor Discovery for IP Version 6 (IPv6) (2007)

    Google Scholar 

  8. Narten, T., Draves, R., Krishnan, S.: Privacy extensions for stateless address autoconfiguration in IPv6 (2007)

    Google Scholar 

  9. Elejla, O.E., Anbar, M., Belaton, B.: ICMPv6-based DoS and DDoS attacks and defense mechanisms: review. IETE Tech. Rev. 4602, 1–18 (2016)

    Google Scholar 

  10. Elejla, O.E., Belaton, B., Anbar, M., Alnajjar, A.: Intrusion detection systems of ICMPv6-based DDoS attacks. Neural Comput. Appl. 1–12 (2016)

    Google Scholar 

  11. Narten, T., Thomson, S., Jinmei, T.: IPv6 stateless address autoconfiguration (2007)

    Google Scholar 

  12. Tayal, P.: IPV6 SLAAC related security issues and removal of those security issues. Int. J. Eng. Comput. Sci. 3(9), 4 (2014)

    Google Scholar 

  13. Thomson, S: IPv6 Stateless Address Autoconfiguration (1998)

    Google Scholar 

  14. Arkko, J.: Secure Neighbor Discovery (SEND), pp. 1–56 (2005)

    Google Scholar 

  15. AlSa’deh, A., Meinel, C.: Secure neighbor discovery: review, challenges, perspectives, and recommendations. IEEE Secur. Priv. 10(4), 26–34 (2012)

    Article  Google Scholar 

  16. Supriyanto, Hasbullah, I.H., Murugesan, R.K., Ramadass, S.: Survey of internet protocol version 6 link local communication security vulnerability and mitigation methods. IETE Tech. Rev. 30(1), 64–71 (2013)

    Google Scholar 

  17. Elejla, O.E., Anbar, M., Belaton, B.: ICMPv6-based Dos and DDOS attacks and defense mechanisms: review. IETE Tech. Rev. 34, 1–18 (2016)

    Google Scholar 

  18. Caicedo, C.E., Joshi, J.B.D., Tuladhar, S.R.: IPv6 security challenges. Comput. (Long. Beach. Calif) 42(2), 36–42 (2009)

    Google Scholar 

  19. Arkko, J., Kempf, J., Zill, B., Nikander, P.: Secure Neighbor Discovery (SEND) (2005)

    Google Scholar 

  20. Smart, N.P.: Public key encryption and signature algorithms. In: Cryptography Made Simple, pp. 313–347. Springer, Cham (2016)

    Google Scholar 

  21. Kukec, A., Bagnulo, M., Mikuc, M.: SEND-based source address validation for IPv6. In: 10th International Conference on Telecommunications 2009, ConTEL 2009, pp. 199–204 (2009)

    Google Scholar 

  22. Kukec, A., Krishnan, S., Jiang, S.: The Secure Neighbor Discovery (SEND) Hash Threat Analysis (2011)

    Google Scholar 

  23. Gagneja, K., Singh, J.: Survey and analysis of security issues on RSA algorithm for digital video data. J. Discret. Math. Sci. Cryptogr. 19(1), 39–55 (2016)

    Article  MathSciNet  Google Scholar 

  24. Praptodiyono, S., Hasbullah, I.H., Kadhum, M.M., Wey, C.Y., Murugesan, R.K., Osman, A.: Securing duplicate address detection on IPv6 using distributed trust mechanism. Int. J. Simul. Syst. Sci. Technol. 17(26) (2016)

    Google Scholar 

  25. Guo, J., Peyrin, T., Poschmann, A.: The PHOTON family of lightweight hash functions. In: Annual Cryptology Conference, pp. 222–239 (2011)

    Google Scholar 

  26. Aumasson, J.-P., Henzen, L., Meier, W., Naya-Plasencia, M.: Quark: a lightweight hash. In: International Workshop on Cryptographic Hardware and Embedded Systems, pp. 1–15 (2010)

    Google Scholar 

  27. Wang, S., Liu, G.: File encryption and decryption system based on RSA algorithm. In: 2011 International Conference on Computational and Information Sciences (ICCIS), pp. 797–800 (2011)

    Google Scholar 

  28. Turner, S., Chen, L.: Updated security considerations for the MD5 message-digest and the HMAC-MD5 algorithms (2011)

    Google Scholar 

  29. Rehman, S.U., Manickam, S.: Improved mechanism to prevent denial of service attack in IPv6 duplicate address detection process. Int. J. Adv. Comput. Sci. Appl. 8(2), 63–70 (2017)

    Google Scholar 

  30. Ahmed, A.S., Hassan, R., Othman, N.E.: IPv6 neighbor discovery protocol specifications, threats and countermeasures: a survey. IEEE Access 5, 18187–18210 (2017)

    Article  Google Scholar 

  31. Fenner, B.: Experimental Values in IPv4, IPv6, ICMPv4, ICMPv6, UDP, and TCP Headers (2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. National Advanced IPv6 Center, Universiti Sains Malaysia, 11800, Gelugor, Penang, Malaysia

    Ahmed K. Al-Ani, Mohammed Anbar, Selvakumar Manickam & Ayman Al-Ani

  2. Faculty of Computing and Informatics, Universiti Malaysia Sabah (UMS), Jalan UMS, 88400, Kota Kinabalu, Sabah, Malaysia

    Yu-Beng Leau

Authors
  1. Ahmed K. Al-Ani
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mohammed Anbar
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Selvakumar Manickam
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ayman Al-Ani
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Yu-Beng Leau
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Ahmed K. Al-Ani or Mohammed Anbar .

Editor information

Editors and Affiliations

  1. Knowledge Technology Research Unit, Faculty of Computing and Informatics, Universiti Malaysia Sabah, Kota Kinabalu, Malaysia

    Rayner Alfred

  2. School of Information Science, Japan Advanced Institute of Science and Technology, Nomi, Ishikawa, Japan

    Hiroyuki Iida

  3. Faculty of Computing and Informatics, Universiti Malaysia Sabah, Kota Kinabalu, Malaysia

    Ag. Asri Ag. Ibrahim

  4. School of Information Science, Security and Networks Area, Japan Advanced Institute of Science and Technology, Nomi, Ishikawa, Japan

    Yuto Lim

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Al-Ani, A.K., Anbar, M., Manickam, S., Al-Ani, A., Leau, YB. (2018). Proposed DAD-match Mechanism for Securing Duplicate Address Detection Process in IPv6 Link-Local Network Based on Symmetric-Key Algorithm. In: Alfred, R., Iida, H., Ag. Ibrahim, A., Lim, Y. (eds) Computational Science and Technology. ICCST 2017. Lecture Notes in Electrical Engineering, vol 488. Springer, Singapore. https://doi.org/10.1007/978-981-10-8276-4_11

Download citation

  • DOI: https://doi.org/10.1007/978-981-10-8276-4_11

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-10-8275-7

  • Online ISBN: 978-981-10-8276-4

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation