Abstract

The Neighbor Discovery Protocol (NDP) is one of the main protocols in the Internet Protocol version 6 (IPv6) suite. It provides many basic functions for the normal operation of IPv6 in a Local Area Network (LAN), such as address auto-configuration and address resolution. However, NDP has several vulnerabilities that malicious nodes can use to launch attacks, because NDP messages are easily spoofed. Many solutions have been proposed for securing NDP, but these solutions either propose new protocols that need to be supported by all nodes or build mechanisms that require the cooperation of all nodes. In this paper we give an overview of NDP vulnerabilities and the available solutions for overcoming their impact on IPv6 networks. In addition, a research test bed set up to implement these vulnerabilities is introduced. Moreover, attacks that prove these vulnerabilities are implemented on different types of operating systems, Windows and Linux platforms. Three network metrics, throughput, delay and resource consumption, were chosen to investigate, analyze and evaluate the impact of NDP-related attacks on IPv6 link-local communication. Overall, the results show that the performance of the Linux-based operating system is better than that of the Windows-based operating system.

Highlights

  • Internet Protocol version 6 (IPv6) is a protocol designed as the successor to the IPv4 protocol (Hakiem et al., 2015)

  • The former is used for discovery of the IPv6 nodes on the same link and the latter allows the hosts to automatically configure the IPv6 address without outside help such as a Dynamic Host Configuration Protocol (DHCP) server

  • During Neighbor Advertisement (NA), Neighbor Solicitation (NS) and Router Solicitation (RS) flooding attacks, throughput dropped from 1400 Mega Bytes per second (MBps) to just a few MBps for Windows 8, while for Ubuntu 16.04 the throughput dropped slightly compared to Windows 8

Summary

Introduction

IPv6 is a protocol designed as the successor to the IPv4 protocol (Hakiem et al., 2015). It is used to solve the problems faced by IPv4 in today’s internet, such as IP address space limitation, security and scalability. In response, the attacker replies to every check for an IPv6 address that the victim tries to use, claiming that the attacker is already using this address (Rehman and Manickam, 2015c). This prevents the victim from obtaining a valid address and denies it access to the communication link, as per Fig. 3. In this type of attack, the attacker pretends to act as the last-hop router by sending spoofed RA messages, either in response to an RS message or on a routine basis. The conceptual neighbor cache is the resource being attacked; it becomes occupied with attempts to resolve IPv6 addresses containing a valid prefix but an invalid suffix (Mohamed et al., 2017).
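
The address-check denial described above, where one node answers every check the victim makes (Duplicate Address Detection, RFC 4862), leaves a recognisable pattern in captured NDP traffic: a single link-layer source claiming many different probed addresses. The following Python detection check is an added example, not code from the paper; the event tuple layout, the MAC addresses, the `window` and `threshold` values and the sample events are all assumptions constructed for illustration.

```python
from collections import defaultdict
from ipaddress import IPv6Address

NS, NA = 135, 136                  # ICMPv6 types for NS and NA (RFC 4861)
UNSPECIFIED = IPv6Address("::")    # source address of a DAD probe (RFC 4862)

def find_dad_responders(events, window=1.0, threshold=3):
    """Return {mac: [targets]} for nodes that answered address checks for
    at least `threshold` distinct addresses within `window` seconds each.

    events: time-ordered (time_s, src_mac, ipv6_src, icmp_type, target).
    The tuple layout, window and threshold are assumptions of this example.
    """
    pending = {}                   # address under test -> (probe time, prober MAC)
    claimed = defaultdict(set)     # responder MAC -> addresses it claimed
    for ts, mac, src, icmp_type, target in events:
        src, target = IPv6Address(src), IPv6Address(target)
        if icmp_type == NS and src == UNSPECIFIED:
            pending[target] = (ts, mac)          # a node checks an address
        elif icmp_type == NA and target in pending:
            probe_ts, prober = pending[target]
            # Count only claims from another node shortly after the probe.
            if mac != prober and 0 <= ts - probe_ts <= window:
                claimed[mac].add(str(target))
    return {m: sorted(t) for m, t in claimed.items() if len(t) >= threshold}

# Constructed sample capture (not real traffic).
VICTIM, SUSPECT = "02:00:00:00:00:aa", "02:00:00:00:00:ee"
HOST_B, HOST_C = "02:00:00:00:00:bb", "02:00:00:00:00:cc"
SAMPLE_EVENTS = [
    (0.00, VICTIM, "::", NS, "fe80::a1"),
    (0.05, SUSPECT, "fe80::a1", NA, "fe80::a1"),
    (1.10, VICTIM, "::", NS, "fe80::a2"),
    (1.14, SUSPECT, "fe80::a2", NA, "fe80::a2"),
    (2.20, VICTIM, "::", NS, "fe80::a3"),
    (2.26, SUSPECT, "fe80::a3", NA, "fe80::a3"),
    (3.00, HOST_B, "::", NS, "fe80::b1"),
    (3.04, HOST_C, "fe80::b1", NA, "fe80::b1"),   # one genuine duplicate
    (9.00, HOST_C, "fe80::c1", NA, "fe80::c1"),   # unsolicited NA, no probe
]

if __name__ == "__main__":
    for mac, targets in find_dad_responders(SAMPLE_EVENTS).items():
        print(f"{mac} claimed {len(targets)} probed addresses: {targets}")
```

A single genuine address collision (HOST_C in the sample) stays below the threshold, so only the source that claims every probed address is reported.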
