Treffer: Optimization of IPv6 Neighbor Discovery Protocol.

In IPv6, the DAD (Duplicate Address Detection) protocol detects duplicate addresses configured on the local link. Once the IPv6 address is auto configured on an IPv6 enabled host, the host verifies that its address is unique using the DAD procedure. This protocol works when hosts can communicate. If the DAD protocol fails to detect duplication, both the hosts assign the same link-local address. The neighbor discovery protocol verifies the generated address is unique or already exists on the local link. This process is known as Duplicate Address Detection (DAD). This process has critical security vulnerability and is susceptible to many attacks, especially allowing hackers to perform denial of service attacks (DOS). With that, the new devices will not be able to join the network. Researchers have developed various techniques to address DAD vulnerabilities, such as NDPMon, SEND, and Software-defined networking, SAVA, and extension headers. These techniques appear to be neither robust nor performance-oriented with DAD's DOS detection and mitigation techniques. We have proposed a novel approach that detects and mitigates DOS attacks consuming low bandwidth and overhead. [ABSTRACT FROM AUTHOR]

Copyright of Journal of Interconnection Networks is the property of World Scientific Publishing Company and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)