Browse > Article

Implementation of SEND Protocol in IPv6 Networks  

An, Gae-Il (한국전자통신연구원 정보보호연구단)
Nah, Jae-Hoon (한국전자통신연구원 정보보호연구단)
Publication Information
The Journal of Korean Institute of Communications and Information Sciences / v.32, no.7B, 2007 , pp. 403-410 More about this Journal
Abstract
Neighbor Discovery (ND) protocol was proposed to discover neighboring hosts and routers in IPv6 wire/wireless local networks. ND protocol, however, has a problem that it is vulnerable to network attacks because ND protocol allows malicious users to impersonate other legitimate hosts or routers by forging ND protocol messages. To address the security problem, Secure Neighbor Discovery (SEND) protocol was proposed. SEND protocol provides address ownership proof mechanism, ND protocol message protection mechanism, reply attack prevention mechanism, and router authentication mechanism to protect ND protocol. In this paper, we design and implement SEND protocol in IPv6 local networks. And also, we evaluate and analyze the security vulnerability and performance of SEND protocol by experimenting the implemented SEND protocol on IPv6 networks.
Keywords
SIND Protocol; ND Protocol; IPv6; Security; Network Attack;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 R. Droms, J. Bound, B. Volz, T. Lemon, C. E. Perkins, 'Dynamic Host Configuration Protocol for IPv6 (DHCPV6)', IETF, RFC 3315, 2003
2 J. Arkko, T. Aura, J. Kempf, V. Mantyla, P. Nikander, M. Roe, 'Securing IPv6 Neighbor and Router Discovery,' Proc. of the 3rd ACM workshop on Wireless security, pp. 77-86, 2002
3 X. Geng, A. B. Whinston, 'Defeating Distributed Denial of Service Attacks,' IT Pro, pp. 36-41, 2000   DOI   ScienceOn
4 J. Arkko, J. Kempf, B. Zill, P. Nikander, 'SEcure Neighbor Discovery (SEND),' IETF, RFC 3971, 2005
5 A. Conta, S. Deering, 'Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification,' IETF, RFC 2463, 1998
6 P. Mutaf, C. Castelluccia, 'Compact Neighbor Discovery: a Bandwidth Defense through Bandwidth Optimization,' Proc. of INFOCOM, Vol. 4, pp. 2711-2719, 2005
7 김지홍, 나재훈, 'IP 스푸핑 방지를 위한 수정된 IPv6 NDP 메커니즘,' 정보보호학회논문지, 16권, 2호, pp. 95-103, 2006   과학기술학회마을
8 S. Hagen, 'IPv6 Essentials,' O'Reilly, the second edition, 2006
9 Y. Tseng, J. Jiang, J. Lee, 'Secure Bootstrapping and Routing in an IPv6-Based Ad Hoc Network.,' Proc. of ICPP Workshops, pp. 375-383, 2003
10 P. Nikander, J. Kempf, E. Nordmark, 'IPv6 Neighbor Discovery (ND) Trust Models and Threats,' IETF, RFC 3756, 2004
11 T. Narten, E. Nordmark, W. Simpson, 'Neighbor Discovery for IP Version 6 (IPv6),' IETF, RFC 2461, 1998