Abstract
Neighbour Discovery Protocol (NDP) attacks are a serious security concern for IPv6. Attackers utilise the Stateless Address Auto-configuration (SLAAC) NDP attack type to target the SLAAC process. SLAAC attacks can compromise an IPv6 link-local network and expose private data. Attack detection mechanisms including RA-Guard, Snort IPv6 Plugin, SLAAC detection method by Buenaventura et al., and SLAAC Security Method by Massamba et al. have been proposed by researchers to address this issue. However, the detection algorithms have a number of shortcomings, including a complete reliance on preconfigured router databases. Additionally, fragment packets and packets with Hop-by-Hop Options and Destination Options extension headers are not detectable by the detection techniques for hidden RA messages. In this study, a rule-based detection method called SADetection is proposed for use in IPv6 link-local networks to identify SLAAC attacks. Both an illegal Router Advertisement (RA) message and a concealed RA message in a packet with an extension header have been found by SADetection. SADetection has demonstrated a detection accuracy of 98\% percent and the capacity to defend an IPv6 link-local network from SLAAC attacks.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
