Duplicate Address Detection (DAD) is one of the most interesting features in IPv6. It allows nodes to connect to a network by generating a unique IP address. It works on two Neighbor Discovery (ND) messages, namely, Neighbor Solicitation (NS) and Neighbor Advertisement (NA). To verify the uniqueness of generating IP, it sends that IP address via NS message to existing hosts. Any malicious node can receive NS message and can send a spoof reply, thereby initiates a DoS attack and prevents auto configuration process. In this manner, DAD is vulnerable to such DoS attack. This study aims to prevent those malicious nodes from sending spoof reply by securing both NS and NA messages. The proposed Advanced Bits Security (ABS) technique is based on Blake2 algorithm and introducing a creative option called ABS field that holds the hash value of tentative IP address and attached to both NA and NS message. We expect the ABS technique can prevent spoof reply during DAD procedure in link local network and can prevent DoS attack
Wikipedia contributors. (2019, October) Wikipedia, The Free Encyclopedia. [Online]. https://en.wikipedia.org/w/index.php?title=IPv6&oldid=922123373
Google. (2019, May) Google IPv6. [Online]. https://www.google.com/intl/en/ipv6/statistics.html
"IPv6 NDP (Neighbor Discovery Protocol) and important Functions of IPv6 NDP". (2019, may) OmnuSecu.com. [Online]. http://www.omnisecu.com/tcpip/ipv6/ndp-neighbour-discovery-protocol-functions-of-ndp.php
Mohammed Anbar, Bahari Belaton Omar Elejla, "ICMPv6-Based DoS and DDoS Attacks and Defense Mechanisms: Review," IETE TECHNICAL REVIEW, vol. 34, no. 4, pp. 390-407, August 2016.
RFC 4861 Authors. (2007, September) IETF. [Online]. https://tools.ietf.org/html/rfc4861
RFC 1122 Authors. (1989, October) IETF. [Online]. https://tools.ietf.org/html/rfc1122
I. H. Hasbullah, M. M. Kadhum, C. Y. Wey, R. K. Murugesan, and A. Osman S. Praptodiyono, "Securing duplicate address detection on IPv6 using distributed trust mechanism," Int. J. Simulation--Systems, Sci. Technol., vol. 7, no. 26, January 2016.
RFC 4941 Authors. (2007, September) IETF. [Online]. https://tools.ietf.org/html/rfc4941
RFC 6959 Authors. (2013, May) IETF. [Online]. https://tools.ietf.org/html/rfc6959
RFC 6194 Authors. (2011, March) IETF. [Online]. https://tools.ietf.org/html/rfc6194
J. Bi, S. Wang, Y. Zhang, and Y. Li G. Yao, "A pull model IPv6 duplicate address detection," IEEE 35th Conference on Local Computer Networks, pp. 372–375, 2010.
L. R. Knudsen and M. J. B. Robshaw, "Brute force attacks," Springer, pp. 95-108, 2011.
G. Song and Z. Ji, "Novel duplicate address detection with hash function," PLoS One, vol. 11, no. 3, 2016.
Salwani Mohd Daud, Noor Azurati Ahmad, Nurazean Maarop, Nilam Nur Amir Sjarif, and Hafiza Abas 19. Ali Maetouq, "Comparison of Hash Function Algorithms Against Attacks: A Review," IJACSA, vol. 9, no. 8, 2018.
Mohammed Anbar, Selvakumar Manickam, and Ayman Al-Ani Ahmed K. Al-Ani, "DAD-match: Technique to prevent DoS attack on duplicate address detection," Journal of Communications, vol. 13, no. 6, June 2018
Alexis Breust and Francois Etcheverry, "Why not SHA-3?A glimpse at the heart of hashfunctions," June 2013.
Jean-Philippe Aumasson, Samuel Neves, Zooko Wilcox-O’Hearn, Christian Winnerlein, "BLAKE2: Simpler, Smaller, Fast as MD5", Springer, pp 119-135, 2013.
RFC 7693 Authors. (2015) IETF. [Online]. https://tools.ietf.org/html/rfc7693
Samuel Neves, Jean-Philippe Aumasson, and zooko CodesInChaos. (2015) GitHub. [Online]. https://github.com/BLAKE2/
Willi Meier, Raphael C.-W. Phan, Luca Henzen ean-Philippe Aumasson, The Hash Function BLAKE.: Springer, Berlin, Heidelberg, 2015.
This work is licensed under a Creative Commons Attribution 4.0 International License.
The names and email addresses entered in this journal site will be used exclusively for the stated purposes of this journal and will not be made available for any other purpose or to any other party.
Submission of the manuscript represents that the manuscript has not been published previously and is not considered for publication elsewhere.