Abstract

Network-based moving target defense systems are a valuable addition to the world of computer security and privacy. Ongoing research attempts to push the boundaries of network-based moving target defenses by adding client/server functionality to the Moving Target IPv6 Defense (MT6D) system. While this additional functionality provides a great many benefits, it is important to fully understand the impact to the network of implementing an MT6D server, which by definition greatly increases the amount of management traffic on a network segment. IPv6 relies on the Neighbor Discovery Protocol (NDP) for all network management functions, including the discovery of currently active addresses. Each address that is bound requires a number of NDP messages to be exchanged before a host can begin using said address. When an MT6D server requires the binding of a large number of IPv6 addresses to a single interface, there is likely to be some negative impact to the network due to the amount of NDP traffic that is generated. This work attempts to quantify the specific impact to the network from NDP traffic generation through the use of ns-3 simulations and live experiments.
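As an added illustration (not code or data from the paper), the sketch below builds the Duplicate Address Detection Neighbor Solicitation that a host emits for each newly bound address and totals the frames for a batch of addresses. It assumes one DAD probe per address (the RFC 4862 default), an all-zero placeholder source MAC, and constructed addresses under the 2001:db8::/64 documentation prefix; MLD reports and later address-resolution traffic are not counted.

```python
import ipaddress
import struct

UNSPECIFIED = ipaddress.IPv6Address("::")   # DAD probes are sent from "::"
SOLICITED_BASE = int(ipaddress.IPv6Address("ff02::1:ff00:0"))

def solicited_node(addr):
    """Solicited-node multicast group: ff02::1:ff + low 24 bits of addr."""
    return ipaddress.IPv6Address(SOLICITED_BASE | (int(addr) & 0xFFFFFF))

def icmpv6_checksum(src, dst, payload):
    """Internet checksum over the IPv6 pseudo-header plus the ICMPv6 message."""
    pseudo = src.packed + dst.packed + struct.pack("!I3xB", len(payload), 58)
    data = pseudo + payload
    data += b"\x00" * (len(data) % 2)
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def dad_solicitation(tentative):
    """Ethernet frame (without FCS) of the DAD probe for one tentative address."""
    dst = solicited_node(tentative)
    # ICMPv6 type 135, code 0, checksum 0 for now, reserved, target; no options
    body = struct.pack("!BBHI", 135, 0, 0, 0) + tentative.packed
    csum = icmpv6_checksum(UNSPECIFIED, dst, body)
    body = body[:2] + struct.pack("!H", csum) + body[4:]
    ip6 = struct.pack("!IHBB", 6 << 28, len(body), 58, 255)
    ip6 += UNSPECIFIED.packed + dst.packed
    # Multicast MAC 33:33 + low 32 bits of dst; source MAC is a zero placeholder
    eth = b"\x33\x33" + dst.packed[-4:] + bytes(6) + struct.pack("!H", 0x86DD)
    return eth + ip6 + body

def dad_load(addresses, probes=1):
    """Return (frames, bytes, distinct multicast groups) for binding addresses."""
    frames = [dad_solicitation(a) for a in addresses for _ in range(probes)]
    groups = {solicited_node(a) for a in addresses}
    return len(frames), sum(len(f) for f in frames), len(groups)

if __name__ == "__main__":
    prefix = int(ipaddress.IPv6Address("2001:db8::"))
    # Constructed interface identifiers, only to spread the low 24 bits
    addrs = [ipaddress.IPv6Address(prefix + (i * 0x9E3779B97F4A7C15) % 2**64)
             for i in range(1, 1001)]
    print("frames=%d bytes=%d groups=%d" % dad_load(addrs))
```

The distinct-group count matters because each solicited-node group a host joins is a separate multicast membership on the segment, on top of the probe itself.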
