SlideShare a Scribd company logo

A Survey on IPv6 Secure Link Local Communication Models, Techniques and Tools

IJARIDEA Journal
IJARIDEA Journal

A Survey on IPv6 Secure Link Local Communication Models, Techniques and Tools

Engineering
1 of 6
Download to read offline
ISSN(Online): 2456-8805 Dr. P. Sumathi et al., International Journal of Advanced Research in Innovative Discoveries in Engineering and Applications[IJARIDEA] Vol.2, Issue 6,27 December 2017, pg. 1-6 © 2017, IJARIDEA All Rights Reserved 1 A Survey on IPv6 Secure Link Local Communication Models, Techniques and Tools Dr. P. Sumathi1 , Dr. Saroj Patel2 , A. Prabhakaran3 1 Assistant Professor, PG & Research, Department of Computer Science, Government Arts College, Coimbatore, India 2 Associate Professor, Department of Mathematics, Jodhpur National University Jodhpur, Rajasthan, India 3 Ph.D. Scholar, Department of Computer Application, Jodhpur National University, Jodhpur, Rajasthan, India Abstract— The Neighbor Discovery Protocol (NDP) is a protocol in the Internet Protocol suite used with Internet Protocol Version (IPv6). The major responsible for NDP is auto-configuration of nodes, discovery of other nodes on the link, determining the network and data link layer addresses of other nodes, detect duplicate address detection, finding available routers, address prefix discovery, and maintaining reachability information about the paths to other active neighbor nodes. If NDP is not secure and there is a potential for breaking the local area network protection. NDP has some basic protection mechanisms based on the scope of NDP. Neighbor Discovery Protocol message cannot be injected into the network infrastructure from beyond the directly connected data link layer access networks. This protection shield is not enough to completely protect local area network. Therefore without securing NDP vulnerable to various attacks which can be categorized as spoofing, Denial of Service (DoS), Replay, Redirect and Rogue routing information attacks. SEND is a newly specified technology that makes use of Cryptographically Generated Addresses (CGA) to protect the NDP that is used in IPv6 networks to bind the network layer to the data link layer in the protocol stack. Secure Neighbor Discovery (SEND) Protocol offers three additional features to NDP address ownership proof, message protection and a router authorization mechanism. The aim of this paper is to provide a better understanding IPv6 Secure Link Local communication Models, Techniques and Tools. Keywords— IPv6, Link-Local Communication, NDP, SEND. I. INTRODUCTION The Internet Engineering Task Force (IETF) is the organization that is responsible for defining the Internet Protocol standards. When the IETF developed IPv4, the global expansion of the Internet and the current Internet security issues were not anticipated. In IPv4 original design, network security was only given minor consideration. The public Internet grew to the point where people in most parts of the world could connect to the Internet, many companies connected to the Internet for a variety of applications, with the predominate applications being email and web. In the early 1990s, the IETF realized that a new version of Internet Protocol would be needed, and the Task Force started by drafting the new protocol's requirements. IP Next Generation (IPng) was created. IPv6 is the second network layer standard protocol that follows IPv4 for computer communications across the Internet and other computer networks. IPv6 offers several compelling functions and is really the next step in the evolution of the Internet Protocol. These improvements came in the form of increased address size, a streamlined header format, extensible headers, and the ability to preserve the confidentiality and integrity of communications. IPv6 provides several improvements over its predecessor. IPv6 and IPv4 are both network layer protocols, many of the network layer vulnerabilities are therefore similar. However, because the protocol layers above and below the IP layer remain the same for either IP version, many of those attacks will not change. Because the two protocols are related, the similarities between the protocols can create
ISSN(Online): 2456-8805 Dr. P. Sumathi et al., International Journal of Advanced Research in Innovative Discoveries in Engineering and Applications[IJARIDEA] Vol.2, Issue 6,27 December 2017, pg. 1-6 © 2017, IJARIDEA All Rights Reserved 2 similar attack patterns. IPv6 could improve security in some areas, but in other areas, it could also open new threats. Neighbor Discovery Protocol is one of the main protocols in the IPv6 suite. It is heavily used for several critical functions such as discovering other existing nodes on the same link, determining others link layer addresses, detecting duplicate addresses, finding routers and maintaining reachability information about paths to active neighbor. Only a few and limited techniques have been introduced to eliminate threats within Neighbor Discovery Protocol. Internet Protocol Security (IPSec) is mandatory for IPv6, so it is logic consequence to use IPSec as a solution for the threats within Neighbor Discovery Protocol. IPSec Authentication Header (AH) could be implemented with Neighbor Discovery Protocol Neighbor Solicitation and Neighbor Advertisement messages to secure the communication between the nodes. Because of the bootstrap problem arise when using Internet Key Exchange (IKE) to create the Security Association (SA) of the IPSec; SA could only be configured manually which is impractical and tedious task when the networks have large number of nodes. [6] discussed about a project, The effective incentive scheme is proposed to stimulate the forwarding cooperation of nodes in VANETs. In a coalitional game model, every relevant node cooperates in forwarding messages as required by the routing protocol. This scheme is extended with constrained storage space. A lightweight approach is also proposed to stimulate the cooperation. As a Future Enhancement, we further reduce the length of communication overhead and there by the link failures can be reduced. II. IPV6 SECURE LINK LOCAL COMMUNICATION The NDP for IPv6 provides the mechanism required to accomplish the Router Discovery, Prefix Discovery, Parameter Discovery, Address Auto configuration, Address resolution, Next-hop determination, Neighbor Unreachability Detection, Duplicate Address Detection, and Redirect. NDP defines a number of new ICMPv6 messages: Router Solicitation (RS), Router Advertisement (RA), Neighbor Solicitation (NS), Neighbor Advertisement (NA), and Redirect. During bootstrapping hosts need to discover routers and network information and configure their IPv6 interfaces [7]. To accomplish the router discovery the node sends RS messages to all routers multicast address. The response from the routers should be a RA carrying the expected information. To achieve the prefix discovery, a node uses either a manually configured IPv6 address for each interface or generates a link-local IPv6 address as specified in RFC 4862 [1]. In addition, DAD (Duplicate Address Detection) must be performed for every address prior to assigning this address to an interface. DAD consists of sending up to DupAddrDetectTransmits, Neighbor Solicitation messages that carry the address that the node is checking for duplicates in the Target Address field. The IPv6 source address of NS is the unspecified address and the destination address is the Solicited node multicast address of the target. If there is no answer within a certain period of time then depending on the value of DupAddrDetectTransmits, another NS is sent or the address is assumed to be unique that no other node is using the same address. Both constants are defined in RFC 4861 [2] and RFC 4862 [1] respectively, with default values of 1,000 milliseconds and one respectively. After the node’s interfaces are configured, when a node wants to send a packet to a neighbor, it first sends a NS message to the Solicited node multicast address in order to resolve the target’s link-layer address. One of the most common assumptions about IPv6 is that it is designed to be secure. Such assumptions are a result of incorporating IPSec Authentication Headers into the IPv6 protocol suite.
ISSN(Online): 2456-8805 Dr. P. Sumathi et al., International Journal of Advanced Research in Innovative Discoveries in Engineering and Applications[IJARIDEA] Vol.2, Issue 6,27 December 2017, pg. 1-6 © 2017, IJARIDEA All Rights Reserved 3 The implementation of a process responsible for securely transporting the keys has eight different modes of operation. Some key exchanges can be done automatically others must have a manual element. One of the goals of auto configuration is to have the entire process occur automatically and without any human interaction. The automatic key exchanges can occur only between hosts with already established IPv6 addresses. Neighbor Discovery Protocol is not secure and there is a potential for breaking the local network protection. Neighbor Discovery Protocol has some basic protection mechanisms based on the scope of Neighbor Discovery Protocol. It is a link-local protocol, so the source address must be either unspecified (::/128) or a link-local address, and the hop limit must be set to 255. Also, the routers do not forward link-local address. Thus NDP message cannot be injected into the network infrastructure from beyond the directly connected data link layer access networks. III. THREAT AND VULNERABILITY ON IPV6 LINK LOCAL COMMUNICATION IP Security(IPSec), is a framework of open standards developed by the Internet Engineering Task Force that provide security for transmission of sensitive information over unprotected networks such as the Internet. IPSec acts at the network layer, protecting and authenticating IP packets between participating IPSec devices. In IPv6, IPSec is implemented using the AH authentication header and the ESP extension header. The authentication header provides integrity and authentication of the source. The authentication header protects the integrity of most of the IP header fields and authenticates the source through a signature-based algorithm. The ESP header provides confidentiality, authentication of the source, connectionless integrity of the inner packet and limited traffic flow confidentiality. The Internet Key Exchange (IKE) protocol is a key management protocol standard that is used in conjunction with IPSec. IPsec can be configured without IKE, but IKE enhances IPSec by providing additional features, flexibility, and ease of configuration for the IPSec standard. IKE is a hybrid protocol that implements the key exchange inside the Internet Security Association Key Management Protocol (ISAKMP) framework ISAKMP, Key exchange are security protocols implemented by IKE. This functionality is similar to the security gateway model using IPv4 IPSec protection. IV.SECURE NEIGHBOR DISCOVERY PROTOCOL Secure Neighbor Discovery (SEND) Protocol is a newly specified technology that makes use of Cryptographically Generated Addresses (CGA) to protect the NDP that is used in IPv6 networks to bind the network layer to the data link layer in the protocol stack. SEND offers three additional features to NDP address ownership proof, message protection and a router authorization mechanism. To achieve these additional features, SEND comes with five new options CGA Generation, CGA Verification, RSA signature, nonce, and Timestamp [4]. 1. CGA Generation The CGA algorithm uses input values as Public Key, Modifier (128 bits), Subnet Prefix (64bits) and Sec value. The cost of creating a new CGA depends on the security parameter Sec, which can take on values from 0 to 3. If Sec = 0, a CGA can be created from the hash input with a straightforward algorithm that just computes a suitable hash and embeds it into the address [5]. The output from the CGA algorithm is a CGA address and a CGA
ISSN(Online): 2456-8805 Dr. P. Sumathi et al., International Journal of Advanced Research in Innovative Discoveries in Engineering and Applications[IJARIDEA] Vol.2, Issue 6,27 December 2017, pg. 1-6 © 2017, IJARIDEA All Rights Reserved 4 Parameters. The CGA generation begins with the determination of the address owner's Public Key and by selecting the proper “Sec” value. 2. CGA Verification The first step of the verification process is to extract various parameters from the ICMPv6 CGA Option. HASH1 and HASH2 are then calculated with the exception of the 7th and 8th bits (universal/global bits) and the first three Sec bits, the leftmost 64 bits of HASH1 should be identical to the interface identifier portion of the IPv6 address. 3. RSA Signature SEND uses the RSA Signature option to authenticate the identity of the sender and to prevent an attacker from spoofing CGA addresses. The public key signatures maintain the integrity of the messages and authenticate the sender identity. Once the public key is obtained from CGA Option, the receiver can use it to decrypt messages encrypted with the corresponding private key. ICMPv6 Option 12 allows us to use RSA digital signatures to establish authenticity of such packet exchanges. Key Hash—leftmost 128 bits of SHA-1 of the public key used for constructing the signature [8]. 4. Timestamp The Timestamp option provides replay protection and ensures that unsolicited advertisements and redirects have not been replayed such as periodic RA and Redirect. The timestamp contains the time elapsed since Jan 1st, 1970, 00:00 UTC. 48 bits are used for seconds, and 16 bits for 1/64K seconds. The RFC 3971 [3] defines some parameters for adjusting the permissible drift in sender and receiver clocks. 5. Nonce A random or pseudo-random number generated by a node and used exactly once. In SEND Protocol, the option is used to prevent a replay attack in solicited messages, such as NS/NA and RS/RA. SEND Protocol can use third parties as verifiers of node identity. This process is referred to as the Authentication Delegation Discovery. To begin such a process, a host needs to know a Trust Anchor to confirm that a given router is authorized to perform router duties. This is a feature without a corresponding ND function, and to accommodate it the SEND protocol implements two new ICMPv6 Message Types are Certification Path Solicitation (CPS) and Certification Path Advertisement (CPA) [9]. V. DISCUSSION ON SECURE LINK LOCAL Realizing the importance of NDP security, IPv6 have included a security mechanism in it to protect IP based communications. The modern operating system lacks support for SEND Protocol, the security standard without sophisticated implementations [10]. Cisco and Juniper, have various levels of support for SEND Protocol in their routers, no major operating system provides a good level of support. Current SEND implementations for specific OS distribution, some of these implementations DoCoMo's SeND (send-0.2), NDprotector, Easy-SEND, and Windows Secure Neighbor Discovery (WinSEND) are done in the user space and others Native SeND Kernel API for BSD (send-0.3), TrustRouter and ipv6-send-cga at the kernel level [11]. Table 1 shows the Summary of the Different type of SEND Methods with a brief description TABLE I SUMMARY OF THE DIFFERENT TYPE OF SEND PROTOCOL METHODS Method First Release Language Based On Operating System Availability (site)
ISSN(Online): 2456-8805 Dr. P. Sumathi et al., International Journal of Advanced Research in Innovative Discoveries in Engineering and Applications[IJARIDEA] Vol.2, Issue 6,27 December 2017, pg. 1-6 © 2017, IJARIDEA All Rights Reserved 5 DoCoMo's SEND 2008 C - Language Linux, FreeBSD Support has been stopped Native SeND Kernel API 2010 C - Language Linux, FreeBSD http://p4web.freebsd.org ipv6-send-cga(Huawei and BUPT) 2009 C-Language Linux https://code.google.com/p/ipv6-send-cga/ Easy-SEND 2009 Java Linux http://easy-send.sourceforge.net/ ND Protector 2011 Python Linux http://amnesiak.org/NDprotector/ WinSEND 2011 .NET Windows Not support by Microsoft TrustRouter 2012 Python and C Linux, Windows, Mac OS X https://github.com/TrustRouter/TrustRouter Cisco IOS 12.4(24)T 2009 IOS 12.4T Cisco Router http://www.cisco.com/cisco/web/support/inde x.html SEND Protocol perform two ICMPv6 messages for identifying the router authorization process. All the methods (Table 1) mainly work in the network layer. All ND messages without the CGA and RSA signature options are to be treated as regular ND. There is also an option for specifying which authorization method. SEND Protocol has a number of disadvantages that causes the NDP extension not being widely implemented [12]. The CGA option cannot assure the identity of real node and it also not sufficient to ensure the CGA address that belongs to appropriate node. Attacker could steal NDP message and change the CGA parameters. Another major disadvantage is the implementation of SEND Protocol results in more processing cycles that consume CPU of nodes as well as bandwidth. Table 2 highlights a summary of mitigation methods on IPv6 security and identifying their strength and weaknesses. TABLE II STRENGTH AND WEAKNESS OF SEND METHODS Method Strength Weakness DoCoMo's SEND Operating system user space. Users can verify information related to the internal states and the operations executed by the application and distributed independently. Limited debugging mode. Implementation does not handle DAD collisions. Processing overhead, effectively prohibiting production deployment in high-speed networking environments. Available only in FreeBSD and DragonFlyBSD. Native SeND Kernel API for BSD Easy to use and portable. Implementation is completely in user space and self-contained. Implementation is completely independent of the kernel. And does not handle DAD collisions. No reliability and security. Huawei and BUPT (ipv6-send- cga) Operating system user-space. ECC algorithm is implemented as an alternative signature algorithm. A simple CRL verification mechanism. Research prototype, bugs that sometimes could even cause kernel crashes. Easy-SEND Works as a firewall between the network interface card and the IPv6 stack. Actual version is limited to the creation of a secure environment for IPv6 nodes. Hosts are not able to participate in the Router Discovery process. NDprotector The implementation uses the Private Key and adds an RSA signature option. The implementation is currently limited to Linux platform. WinSEND The User Interface allows users to set or modify WinSEND input parameters, Not supported in Windows Operating System. TrustRouter One-click solution that can be installed on clients running Linux, Mac OS X, and Windows. TrustRouter does not implement CGAs and does not secure neighbor advertisements. Cisco IOS IPv6 RA Guard, IPv6 ND Inspection mitigates Implementation is completely dependent and limited to other
ISSN(Online): 2456-8805 Dr. P. Sumathi et al., International Journal of Advanced Research in Innovative Discoveries in Engineering and Applications[IJARIDEA] Vol.2, Issue 6,27 December 2017, pg. 1-6 © 2017, IJARIDEA All Rights Reserved 6 12.4(24)T some of the inherent vulnerabilities of duplicate address detection. Internetworking Operating System (IOS). VI.CONCLUSION NDP is important in IPv6 network for address resolution process. The implementation of SEND Protocol have a default assumption that communication link is safe and reliable, which is not correct in reality, the protocol facing biggest issue with the idea of CGA based on the speed of the computers currently in use. SEND Protocol is a research prototype need focused on protocol correctness, as well as much to be done in hardening the daemon itself against attack and making it more robust and stable also not commercial grade reliability and security. However, not many detailed instructions for using SEND protocol are available. The number of manually configured security associations needed for protecting NDP can be very large, which makes that approach impractical for most purposes. These threats need to be considered and eliminated. Future researches are requested in order to overcome the limitation of the proposed mechanism and to find a complete model to SEND Protocol. VII. REFERENCES [1] Dhanoj Mohan, Rathikarani, Gopakumar, Automation of Ration Shop Using PLC, IJMER, ISSN: 2249-6645, Vol. 3, Issue. 5, Sep - Oct. 2013 pp-2971-297. S. Thomson, T. Narten, and T. Jinmei, “IPv6 Stateless Address Autoconfiguration”, RFC 4862 (Standard), Internet Engineering Task Force, September 2007. URL https://tools.ietf.org/rfc/rfc4862.txt. Obsoletes by 2462. [2] Narten T., et al., “Neighbor Discovery for IP version 6 (IPv6)”, RFC 4861 (Standard), Internet Engineering Task Force, September 2007. URL https://tools.ietf.org/html/rfc4861. Obsoletes by 2461. [3] J. Arkko, J. Kempf, B. Zill, P. Nikander, “Secure Neighbor Discovery (SEND),” RFC 3971 (Proposed Standard), Internet Engineering Task Force, March 2005. URL https://tools.ietf.org/html/rfc3971. [4] J. Arkko, et al., “Securing IPv6 Neighbor and Router Discovery”, WiSE '02 Proceedings of the 1st ACM workshop on Wireless security, pp. 77-86, Sep. 2002. ISBN: 1-58113-585-8, DOI: 10.1145/570681.570690. [5] Implementing First Hop-Security in IPv6, Cisco Systems, 2011; Retrieved from www.cisco.com/c/en/us/td/docs/ios/ipv6/configuration/ guide/15_0sy/ipv6_15_0sy_book/ip6-first_hop_security.html. [6] Christo Ananth, "Incentive Scheme for Stimulation of Forwarding Cooperation of nodes in VANETs ", Rakuten Kobo Inc. Publishing, Toronto, Canada, ISBN: 978-81-910-751-4-4, October 2017, pp: 12-56. [7] Wendell Odom, “CCNP ROUTE 642-902”, Pearson Education Inc., Cisco Press, January 2010. pp. 529. ISBN-10: 1-58720-253-0, ISBN-13: 978-1-58720-253-7. [8] Weilin Xu et al., “NAPT66-Stateful IPv6-to IPv6 Network Address Port Translation”, Retrieved from https://code.google.com/p/napt66/. Accessed 20-June-2015. [9] Xiaoyu Zhao, et al., “A Lightweight AplusP Approach for public IPv4 Address Sharing in IPv6 Environments”, In 5th International Multi-Conference on Computing in the Global Information Technology (ICCGI), page 256-261, Valencia, Spain, September 20-25, 2010. Retrieved from http://dx.doi.org/10.1109/ICCGI.2010.21. [10]Ahmad AlSa'deh, HosniehRafiee, ChristophMeinel, “Secure Neighbor Discovey: A Cryptographic Solution for Securing Ipv6 Local Link Operations,” Chapter 8, pp : 178-196. [11]A. AlSa’deh and C. Meinel,"Secure Neighbor Discovery: Review, Challenges, Perspectives, and Recommendations," IEEE Security & Privacy Magazine, vol. 10, no. 4, pp. 26 –34, Aug. 2012. [12]Supriyanto, I.H. Hasbullah, R.J. Murugesan, S. Ramadass, “Survey of IPv6 Link Local Communication Security Vulnerability and Mitigation Methods,” IETE TECHNICAL REVIEW, vol 30, issue 1, pp. 64-71, Jan-Feb 2013.

Recommended

Implementation & Challenges of IPv6
Implementation & Challenges of IPv6 Implementation & Challenges of IPv6
Implementation & Challenges of IPv6 Farwa Ansari
 
IPv6 Implementation challenges
IPv6 Implementation challengesIPv6 Implementation challenges
IPv6 Implementation challengesFarwa Ansari
 
BasepaperControlling IP Spoofing through Interdomain Packet Filters
BasepaperControlling IP Spoofing through Interdomain Packet FiltersBasepaperControlling IP Spoofing through Interdomain Packet Filters
BasepaperControlling IP Spoofing through Interdomain Packet Filtersbhasker nalaveli
 
Controlling ip spoofing through inter domain packet filters(synopsis)
Controlling ip spoofing through inter domain packet filters(synopsis)Controlling ip spoofing through inter domain packet filters(synopsis)
Controlling ip spoofing through inter domain packet filters(synopsis)Mumbai Academisc
 
RSA and RC4 Cryptosystem Performance Evaluation Using Image and Text
RSA and RC4 Cryptosystem Performance Evaluation Using Image and TextRSA and RC4 Cryptosystem Performance Evaluation Using Image and Text
RSA and RC4 Cryptosystem Performance Evaluation Using Image and TextYekini Nureni
 
50120140507006
5012014050700650120140507006
50120140507006IAEME Publication
 
IP spoofing attacks & defence
IP spoofing attacks & defenceIP spoofing attacks & defence
IP spoofing attacks & defencevisor999
 
A Survey on Generation and Evolution of Various Cryptographic Techniques
A Survey on Generation and Evolution of Various Cryptographic TechniquesA Survey on Generation and Evolution of Various Cryptographic Techniques
A Survey on Generation and Evolution of Various Cryptographic TechniquesIRJET Journal
 

Recommended

Implementation & Challenges of IPv6
Implementation & Challenges of IPv6 Implementation & Challenges of IPv6
Implementation & Challenges of IPv6 Farwa Ansari
 
IPv6 Implementation challenges
IPv6 Implementation challengesIPv6 Implementation challenges
IPv6 Implementation challengesFarwa Ansari
 
BasepaperControlling IP Spoofing through Interdomain Packet Filters
BasepaperControlling IP Spoofing through Interdomain Packet FiltersBasepaperControlling IP Spoofing through Interdomain Packet Filters
BasepaperControlling IP Spoofing through Interdomain Packet Filtersbhasker nalaveli
 
Controlling ip spoofing through inter domain packet filters(synopsis)
Controlling ip spoofing through inter domain packet filters(synopsis)Controlling ip spoofing through inter domain packet filters(synopsis)
Controlling ip spoofing through inter domain packet filters(synopsis)Mumbai Academisc
 
RSA and RC4 Cryptosystem Performance Evaluation Using Image and Text
RSA and RC4 Cryptosystem Performance Evaluation Using Image and TextRSA and RC4 Cryptosystem Performance Evaluation Using Image and Text
RSA and RC4 Cryptosystem Performance Evaluation Using Image and TextYekini Nureni
 
50120140507006
5012014050700650120140507006
50120140507006IAEME Publication
 
IP spoofing attacks & defence
IP spoofing attacks & defenceIP spoofing attacks & defence
IP spoofing attacks & defencevisor999
 
A Survey on Generation and Evolution of Various Cryptographic Techniques
A Survey on Generation and Evolution of Various Cryptographic TechniquesA Survey on Generation and Evolution of Various Cryptographic Techniques
A Survey on Generation and Evolution of Various Cryptographic TechniquesIRJET Journal
 
Efficient End-to-End Secure Key Management Protocol for Internet of Things
Efficient End-to-End Secure Key Management Protocol for Internet of Things Efficient End-to-End Secure Key Management Protocol for Internet of Things
Efficient End-to-End Secure Key Management Protocol for Internet of Things IJECEIAES
 
82 86
82 8682 86
82 86Editor IJARCET
 
IRJET- Data Security in Network Flow using Obfuscation Technique
IRJET- Data Security in Network Flow using Obfuscation TechniqueIRJET- Data Security in Network Flow using Obfuscation Technique
IRJET- Data Security in Network Flow using Obfuscation TechniqueIRJET Journal
 
AN EXPERIMENTAL STUDY OF IOT NETWORKS UNDER INTERNAL ROUTING ATTACK
AN EXPERIMENTAL STUDY OF IOT NETWORKS UNDER INTERNAL ROUTING ATTACKAN EXPERIMENTAL STUDY OF IOT NETWORKS UNDER INTERNAL ROUTING ATTACK
AN EXPERIMENTAL STUDY OF IOT NETWORKS UNDER INTERNAL ROUTING ATTACKIJCNCJournal
 
DESIGN OF A SCHEME FOR SECURE ROUTING IN MOBILE AD HOC NETWORKS
DESIGN OF A SCHEME FOR SECURE ROUTING IN MOBILE AD HOC NETWORKSDESIGN OF A SCHEME FOR SECURE ROUTING IN MOBILE AD HOC NETWORKS
DESIGN OF A SCHEME FOR SECURE ROUTING IN MOBILE AD HOC NETWORKScscpconf
 
Performance evaluation of Hard and Soft Wimax by using PGP and PKM protocols ...
Performance evaluation of Hard and Soft Wimax by using PGP and PKM protocols ...Performance evaluation of Hard and Soft Wimax by using PGP and PKM protocols ...
Performance evaluation of Hard and Soft Wimax by using PGP and PKM protocols ...IOSR Journals
 
Pgp
PgpPgp
PgpAbhishek Kesharwani
 
An Effective Privacy-Preserving Data Coding in Peer-To-Peer Network
An Effective Privacy-Preserving Data Coding in Peer-To-Peer NetworkAn Effective Privacy-Preserving Data Coding in Peer-To-Peer Network
An Effective Privacy-Preserving Data Coding in Peer-To-Peer NetworkIJCNCJournal
 
Design of Hybrid Cryptography Algorithm for Secure Communication
Design of Hybrid Cryptography Algorithm for Secure CommunicationDesign of Hybrid Cryptography Algorithm for Secure Communication
Design of Hybrid Cryptography Algorithm for Secure CommunicationIRJET Journal
 
Unit 5
Unit 5Unit 5
Unit 5Vinod Kumar Gorrepati
 
Whitepaper Deep Packet Inspection
Whitepaper Deep Packet InspectionWhitepaper Deep Packet Inspection
Whitepaper Deep Packet Inspectionipoque
 
IRJET- Message Encryption using Hybrid Cryptography
IRJET- Message Encryption using Hybrid CryptographyIRJET- Message Encryption using Hybrid Cryptography
IRJET- Message Encryption using Hybrid CryptographyIRJET Journal
 
SECURED TEXT MESSAGE TRANSMISSION IN A WIRELESS COMMUNICATION SYSTEM WITH THE...
SECURED TEXT MESSAGE TRANSMISSION IN A WIRELESS COMMUNICATION SYSTEM WITH THE...SECURED TEXT MESSAGE TRANSMISSION IN A WIRELESS COMMUNICATION SYSTEM WITH THE...
SECURED TEXT MESSAGE TRANSMISSION IN A WIRELESS COMMUNICATION SYSTEM WITH THE...caijjournal
 
A Novel IP Traceback Scheme for Spoofing Attack
A Novel IP Traceback Scheme for Spoofing AttackA Novel IP Traceback Scheme for Spoofing Attack
A Novel IP Traceback Scheme for Spoofing AttackIJAEMSJORNAL
 
Multiple intrusion detection in RPL based networks
Multiple intrusion detection in RPL based networks Multiple intrusion detection in RPL based networks
Multiple intrusion detection in RPL based networks IJECEIAES
 
IRJET- Data Transmission using RSA Algorithm
IRJET- Data Transmission using RSA AlgorithmIRJET- Data Transmission using RSA Algorithm
IRJET- Data Transmission using RSA AlgorithmIRJET Journal
 
G43053847
G43053847G43053847
G43053847IJERA Editor
 
Pgp
PgpPgp
PgpReham Maher El-Safarini
 
State of the art parallel approaches for
State of the art parallel approaches forState of the art parallel approaches for
State of the art parallel approaches forijcsa
 
D017131318
D017131318D017131318
D017131318IOSR Journals
 
Security Issues in Next Generation IP and Migration Networks
Security Issues in Next Generation IP and Migration NetworksSecurity Issues in Next Generation IP and Migration Networks
Security Issues in Next Generation IP and Migration NetworksIOSR Journals
 
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...ijceronline
 

More Related Content

What's hot

Efficient End-to-End Secure Key Management Protocol for Internet of Things
Efficient End-to-End Secure Key Management Protocol for Internet of Things Efficient End-to-End Secure Key Management Protocol for Internet of Things
Efficient End-to-End Secure Key Management Protocol for Internet of Things IJECEIAES
 
IRJET- Data Security in Network Flow using Obfuscation Technique
IRJET- Data Security in Network Flow using Obfuscation TechniqueIRJET- Data Security in Network Flow using Obfuscation Technique
IRJET- Data Security in Network Flow using Obfuscation TechniqueIRJET Journal
 
AN EXPERIMENTAL STUDY OF IOT NETWORKS UNDER INTERNAL ROUTING ATTACK
AN EXPERIMENTAL STUDY OF IOT NETWORKS UNDER INTERNAL ROUTING ATTACKAN EXPERIMENTAL STUDY OF IOT NETWORKS UNDER INTERNAL ROUTING ATTACK
AN EXPERIMENTAL STUDY OF IOT NETWORKS UNDER INTERNAL ROUTING ATTACKIJCNCJournal
 
DESIGN OF A SCHEME FOR SECURE ROUTING IN MOBILE AD HOC NETWORKS
DESIGN OF A SCHEME FOR SECURE ROUTING IN MOBILE AD HOC NETWORKSDESIGN OF A SCHEME FOR SECURE ROUTING IN MOBILE AD HOC NETWORKS
DESIGN OF A SCHEME FOR SECURE ROUTING IN MOBILE AD HOC NETWORKScscpconf
 
Performance evaluation of Hard and Soft Wimax by using PGP and PKM protocols ...
Performance evaluation of Hard and Soft Wimax by using PGP and PKM protocols ...Performance evaluation of Hard and Soft Wimax by using PGP and PKM protocols ...
Performance evaluation of Hard and Soft Wimax by using PGP and PKM protocols ...IOSR Journals
 
An Effective Privacy-Preserving Data Coding in Peer-To-Peer Network
An Effective Privacy-Preserving Data Coding in Peer-To-Peer NetworkAn Effective Privacy-Preserving Data Coding in Peer-To-Peer Network
An Effective Privacy-Preserving Data Coding in Peer-To-Peer NetworkIJCNCJournal
 
Design of Hybrid Cryptography Algorithm for Secure Communication
Design of Hybrid Cryptography Algorithm for Secure CommunicationDesign of Hybrid Cryptography Algorithm for Secure Communication
Design of Hybrid Cryptography Algorithm for Secure CommunicationIRJET Journal
 
Whitepaper Deep Packet Inspection
Whitepaper Deep Packet InspectionWhitepaper Deep Packet Inspection
Whitepaper Deep Packet Inspectionipoque
 
IRJET- Message Encryption using Hybrid Cryptography
IRJET- Message Encryption using Hybrid CryptographyIRJET- Message Encryption using Hybrid Cryptography
IRJET- Message Encryption using Hybrid CryptographyIRJET Journal
 
SECURED TEXT MESSAGE TRANSMISSION IN A WIRELESS COMMUNICATION SYSTEM WITH THE...
SECURED TEXT MESSAGE TRANSMISSION IN A WIRELESS COMMUNICATION SYSTEM WITH THE...SECURED TEXT MESSAGE TRANSMISSION IN A WIRELESS COMMUNICATION SYSTEM WITH THE...
SECURED TEXT MESSAGE TRANSMISSION IN A WIRELESS COMMUNICATION SYSTEM WITH THE...caijjournal
 
A Novel IP Traceback Scheme for Spoofing Attack
A Novel IP Traceback Scheme for Spoofing AttackA Novel IP Traceback Scheme for Spoofing Attack
A Novel IP Traceback Scheme for Spoofing AttackIJAEMSJORNAL
 
Multiple intrusion detection in RPL based networks
Multiple intrusion detection in RPL based networks Multiple intrusion detection in RPL based networks
Multiple intrusion detection in RPL based networks IJECEIAES
 
IRJET- Data Transmission using RSA Algorithm
IRJET- Data Transmission using RSA AlgorithmIRJET- Data Transmission using RSA Algorithm
IRJET- Data Transmission using RSA AlgorithmIRJET Journal
 
State of the art parallel approaches for
State of the art parallel approaches forState of the art parallel approaches for
State of the art parallel approaches forijcsa
 

What's hot (19)

Efficient End-to-End Secure Key Management Protocol for Internet of Things
Efficient End-to-End Secure Key Management Protocol for Internet of Things Efficient End-to-End Secure Key Management Protocol for Internet of Things
Efficient End-to-End Secure Key Management Protocol for Internet of Things
 
82 86
82 8682 86
82 86
 
IRJET- Data Security in Network Flow using Obfuscation Technique
IRJET- Data Security in Network Flow using Obfuscation TechniqueIRJET- Data Security in Network Flow using Obfuscation Technique
IRJET- Data Security in Network Flow using Obfuscation Technique
 
AN EXPERIMENTAL STUDY OF IOT NETWORKS UNDER INTERNAL ROUTING ATTACK
AN EXPERIMENTAL STUDY OF IOT NETWORKS UNDER INTERNAL ROUTING ATTACKAN EXPERIMENTAL STUDY OF IOT NETWORKS UNDER INTERNAL ROUTING ATTACK
AN EXPERIMENTAL STUDY OF IOT NETWORKS UNDER INTERNAL ROUTING ATTACK
 
DESIGN OF A SCHEME FOR SECURE ROUTING IN MOBILE AD HOC NETWORKS
DESIGN OF A SCHEME FOR SECURE ROUTING IN MOBILE AD HOC NETWORKSDESIGN OF A SCHEME FOR SECURE ROUTING IN MOBILE AD HOC NETWORKS
DESIGN OF A SCHEME FOR SECURE ROUTING IN MOBILE AD HOC NETWORKS
 
Performance evaluation of Hard and Soft Wimax by using PGP and PKM protocols ...
Performance evaluation of Hard and Soft Wimax by using PGP and PKM protocols ...Performance evaluation of Hard and Soft Wimax by using PGP and PKM protocols ...
Performance evaluation of Hard and Soft Wimax by using PGP and PKM protocols ...
 
Pgp
PgpPgp
Pgp
 
An Effective Privacy-Preserving Data Coding in Peer-To-Peer Network
An Effective Privacy-Preserving Data Coding in Peer-To-Peer NetworkAn Effective Privacy-Preserving Data Coding in Peer-To-Peer Network
An Effective Privacy-Preserving Data Coding in Peer-To-Peer Network
 
Design of Hybrid Cryptography Algorithm for Secure Communication
Design of Hybrid Cryptography Algorithm for Secure CommunicationDesign of Hybrid Cryptography Algorithm for Secure Communication
Design of Hybrid Cryptography Algorithm for Secure Communication
 
Unit 5
Unit 5Unit 5
Unit 5
 
Whitepaper Deep Packet Inspection
Whitepaper Deep Packet InspectionWhitepaper Deep Packet Inspection
Whitepaper Deep Packet Inspection
 
IRJET- Message Encryption using Hybrid Cryptography
IRJET- Message Encryption using Hybrid CryptographyIRJET- Message Encryption using Hybrid Cryptography
IRJET- Message Encryption using Hybrid Cryptography
 
SECURED TEXT MESSAGE TRANSMISSION IN A WIRELESS COMMUNICATION SYSTEM WITH THE...
SECURED TEXT MESSAGE TRANSMISSION IN A WIRELESS COMMUNICATION SYSTEM WITH THE...SECURED TEXT MESSAGE TRANSMISSION IN A WIRELESS COMMUNICATION SYSTEM WITH THE...
SECURED TEXT MESSAGE TRANSMISSION IN A WIRELESS COMMUNICATION SYSTEM WITH THE...
 
A Novel IP Traceback Scheme for Spoofing Attack
A Novel IP Traceback Scheme for Spoofing AttackA Novel IP Traceback Scheme for Spoofing Attack
A Novel IP Traceback Scheme for Spoofing Attack
 
Multiple intrusion detection in RPL based networks
Multiple intrusion detection in RPL based networks Multiple intrusion detection in RPL based networks
Multiple intrusion detection in RPL based networks
 
IRJET- Data Transmission using RSA Algorithm
IRJET- Data Transmission using RSA AlgorithmIRJET- Data Transmission using RSA Algorithm
IRJET- Data Transmission using RSA Algorithm
 
G43053847
G43053847G43053847
G43053847
 
Pgp
PgpPgp
Pgp
 
State of the art parallel approaches for
State of the art parallel approaches forState of the art parallel approaches for
State of the art parallel approaches for
 

Similar to A Survey on IPv6 Secure Link Local Communication Models, Techniques and Tools

Security Issues in Next Generation IP and Migration Networks
Security Issues in Next Generation IP and Migration NetworksSecurity Issues in Next Generation IP and Migration Networks
Security Issues in Next Generation IP and Migration NetworksIOSR Journals
 
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...ijceronline
 
Look at ipv6 security advantages over ipv4
Look at ipv6 security advantages over ipv4Look at ipv6 security advantages over ipv4
Look at ipv6 security advantages over ipv4Alexander Decker
 
Implementation of “Traslator Strategy” For Migration of Ipv4 to Ipv6
Implementation of “Traslator Strategy” For Migration of Ipv4 to Ipv6Implementation of “Traslator Strategy” For Migration of Ipv4 to Ipv6
Implementation of “Traslator Strategy” For Migration of Ipv4 to Ipv6IJERA Editor
 
Data Communication IPv6, Ethernet, OSI Model, Transmission Impairments
Data Communication IPv6, Ethernet, OSI Model, Transmission ImpairmentsData Communication IPv6, Ethernet, OSI Model, Transmission Impairments
Data Communication IPv6, Ethernet, OSI Model, Transmission ImpairmentsShefa Idrees
 
Paper id 25201418
Paper id 25201418Paper id 25201418
Paper id 25201418IJRAT
 
Future protocol IP v6
Future protocol IP v6Future protocol IP v6
Future protocol IP v6Manesh Sharma
 
Mitigation of Selfish Node Attacks In Autoconfiguration of MANETs
Mitigation of Selfish Node Attacks In Autoconfiguration of MANETsMitigation of Selfish Node Attacks In Autoconfiguration of MANETs
Mitigation of Selfish Node Attacks In Autoconfiguration of MANETsIJAAS Team
 
Introduction to IPv6-UoN
Introduction to IPv6-UoNIntroduction to IPv6-UoN
Introduction to IPv6-UoNMwendwa Kivuva
 
A Survey On Next Generation Internet Protocol IPv6
A Survey On Next Generation Internet Protocol IPv6A Survey On Next Generation Internet Protocol IPv6
A Survey On Next Generation Internet Protocol IPv6Carrie Romero
 
Resume-Sarthak P Shetty
Resume-Sarthak P ShettyResume-Sarthak P Shetty
Resume-Sarthak P ShettySarthak Shetty
 
IMPROVING IPV6 ADDRESSING TYPES AND SIZE
IMPROVING IPV6 ADDRESSING TYPES AND SIZEIMPROVING IPV6 ADDRESSING TYPES AND SIZE
IMPROVING IPV6 ADDRESSING TYPES AND SIZEIJCNCJournal
 
Ip, subnet, gateway and routers
Ip, subnet, gateway and routersIp, subnet, gateway and routers
Ip, subnet, gateway and routersAdrian Suarez
 

Similar to A Survey on IPv6 Secure Link Local Communication Models, Techniques and Tools (20)

D017131318
D017131318D017131318
D017131318
 
Security Issues in Next Generation IP and Migration Networks
Security Issues in Next Generation IP and Migration NetworksSecurity Issues in Next Generation IP and Migration Networks
Security Issues in Next Generation IP and Migration Networks
 
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
 
14 564
14 56414 564
14 564
 
Look at ipv6 security advantages over ipv4
Look at ipv6 security advantages over ipv4Look at ipv6 security advantages over ipv4
Look at ipv6 security advantages over ipv4
 
Implementation of “Traslator Strategy” For Migration of Ipv4 to Ipv6
Implementation of “Traslator Strategy” For Migration of Ipv4 to Ipv6Implementation of “Traslator Strategy” For Migration of Ipv4 to Ipv6
Implementation of “Traslator Strategy” For Migration of Ipv4 to Ipv6
 
Network Layer
Network LayerNetwork Layer
Network Layer
 
Data Communication IPv6, Ethernet, OSI Model, Transmission Impairments
Data Communication IPv6, Ethernet, OSI Model, Transmission ImpairmentsData Communication IPv6, Ethernet, OSI Model, Transmission Impairments
Data Communication IPv6, Ethernet, OSI Model, Transmission Impairments
 
Paper id 25201418
Paper id 25201418Paper id 25201418
Paper id 25201418
 
Future protocol IP v6
Future protocol IP v6Future protocol IP v6
Future protocol IP v6
 
Mitigation of Selfish Node Attacks In Autoconfiguration of MANETs
Mitigation of Selfish Node Attacks In Autoconfiguration of MANETsMitigation of Selfish Node Attacks In Autoconfiguration of MANETs
Mitigation of Selfish Node Attacks In Autoconfiguration of MANETs
 
main_phase1 _3.pptx
main_phase1 _3.pptxmain_phase1 _3.pptx
main_phase1 _3.pptx
 
RASHMI VT REPORT
RASHMI VT REPORTRASHMI VT REPORT
RASHMI VT REPORT
 
Ipv4 vs Ipv6 comparison
Ipv4 vs Ipv6 comparisonIpv4 vs Ipv6 comparison
Ipv4 vs Ipv6 comparison
 
Introduction to IPv6-UoN
Introduction to IPv6-UoNIntroduction to IPv6-UoN
Introduction to IPv6-UoN
 
A Survey On Next Generation Internet Protocol IPv6
A Survey On Next Generation Internet Protocol IPv6A Survey On Next Generation Internet Protocol IPv6
A Survey On Next Generation Internet Protocol IPv6
 
Resume-Sarthak P Shetty
Resume-Sarthak P ShettyResume-Sarthak P Shetty
Resume-Sarthak P Shetty
 
IMPROVING IPV6 ADDRESSING TYPES AND SIZE
IMPROVING IPV6 ADDRESSING TYPES AND SIZEIMPROVING IPV6 ADDRESSING TYPES AND SIZE
IMPROVING IPV6 ADDRESSING TYPES AND SIZE
 
Ip, subnet, gateway and routers
Ip, subnet, gateway and routersIp, subnet, gateway and routers
Ip, subnet, gateway and routers
 
A017510102
A017510102A017510102
A017510102
 

Recently uploaded

The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...ranjana rawat
 
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)Suman Mia
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escortsranjana rawat
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130Suhani Kapoor
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...Soham Mondal
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxwendy cai
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
chaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learningchaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learningmisbanausheenparvam
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024hassan khalil
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINESIVASHANKAR N
 
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...ranjana rawat
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...srsj9000
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escortsranjana rawat
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Analog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog ConverterAnalog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog ConverterAbhinavSharma374939
 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations120cr0395
 

Recently uploaded (20)

The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
 
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
 
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
 
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCRCall Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptx
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
 
chaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learningchaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learning
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
 
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Analog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog ConverterAnalog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog Converter
 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations
 

A Survey on IPv6 Secure Link Local Communication Models, Techniques and Tools

  • 1. ISSN(Online): 2456-8805 Dr. P. Sumathi et al., International Journal of Advanced Research in Innovative Discoveries in Engineering and Applications[IJARIDEA] Vol.2, Issue 6,27 December 2017, pg. 1-6 © 2017, IJARIDEA All Rights Reserved 1 A Survey on IPv6 Secure Link Local Communication Models, Techniques and Tools Dr. P. Sumathi1 , Dr. Saroj Patel2 , A. Prabhakaran3 1 Assistant Professor, PG & Research, Department of Computer Science, Government Arts College, Coimbatore, India 2 Associate Professor, Department of Mathematics, Jodhpur National University Jodhpur, Rajasthan, India 3 Ph.D. Scholar, Department of Computer Application, Jodhpur National University, Jodhpur, Rajasthan, India Abstract— The Neighbor Discovery Protocol (NDP) is a protocol in the Internet Protocol suite used with Internet Protocol Version (IPv6). The major responsible for NDP is auto-configuration of nodes, discovery of other nodes on the link, determining the network and data link layer addresses of other nodes, detect duplicate address detection, finding available routers, address prefix discovery, and maintaining reachability information about the paths to other active neighbor nodes. If NDP is not secure and there is a potential for breaking the local area network protection. NDP has some basic protection mechanisms based on the scope of NDP. Neighbor Discovery Protocol message cannot be injected into the network infrastructure from beyond the directly connected data link layer access networks. This protection shield is not enough to completely protect local area network. Therefore without securing NDP vulnerable to various attacks which can be categorized as spoofing, Denial of Service (DoS), Replay, Redirect and Rogue routing information attacks. SEND is a newly specified technology that makes use of Cryptographically Generated Addresses (CGA) to protect the NDP that is used in IPv6 networks to bind the network layer to the data link layer in the protocol stack. Secure Neighbor Discovery (SEND) Protocol offers three additional features to NDP address ownership proof, message protection and a router authorization mechanism. The aim of this paper is to provide a better understanding IPv6 Secure Link Local communication Models, Techniques and Tools. Keywords— IPv6, Link-Local Communication, NDP, SEND. I. INTRODUCTION The Internet Engineering Task Force (IETF) is the organization that is responsible for defining the Internet Protocol standards. When the IETF developed IPv4, the global expansion of the Internet and the current Internet security issues were not anticipated. In IPv4 original design, network security was only given minor consideration. The public Internet grew to the point where people in most parts of the world could connect to the Internet, many companies connected to the Internet for a variety of applications, with the predominate applications being email and web. In the early 1990s, the IETF realized that a new version of Internet Protocol would be needed, and the Task Force started by drafting the new protocol's requirements. IP Next Generation (IPng) was created. IPv6 is the second network layer standard protocol that follows IPv4 for computer communications across the Internet and other computer networks. IPv6 offers several compelling functions and is really the next step in the evolution of the Internet Protocol. These improvements came in the form of increased address size, a streamlined header format, extensible headers, and the ability to preserve the confidentiality and integrity of communications. IPv6 provides several improvements over its predecessor. IPv6 and IPv4 are both network layer protocols, many of the network layer vulnerabilities are therefore similar. However, because the protocol layers above and below the IP layer remain the same for either IP version, many of those attacks will not change. Because the two protocols are related, the similarities between the protocols can create
  • 2. ISSN(Online): 2456-8805 Dr. P. Sumathi et al., International Journal of Advanced Research in Innovative Discoveries in Engineering and Applications[IJARIDEA] Vol.2, Issue 6,27 December 2017, pg. 1-6 © 2017, IJARIDEA All Rights Reserved 2 similar attack patterns. IPv6 could improve security in some areas, but in other areas, it could also open new threats. Neighbor Discovery Protocol is one of the main protocols in the IPv6 suite. It is heavily used for several critical functions such as discovering other existing nodes on the same link, determining others link layer addresses, detecting duplicate addresses, finding routers and maintaining reachability information about paths to active neighbor. Only a few and limited techniques have been introduced to eliminate threats within Neighbor Discovery Protocol. Internet Protocol Security (IPSec) is mandatory for IPv6, so it is logic consequence to use IPSec as a solution for the threats within Neighbor Discovery Protocol. IPSec Authentication Header (AH) could be implemented with Neighbor Discovery Protocol Neighbor Solicitation and Neighbor Advertisement messages to secure the communication between the nodes. Because of the bootstrap problem arise when using Internet Key Exchange (IKE) to create the Security Association (SA) of the IPSec; SA could only be configured manually which is impractical and tedious task when the networks have large number of nodes. [6] discussed about a project, The effective incentive scheme is proposed to stimulate the forwarding cooperation of nodes in VANETs. In a coalitional game model, every relevant node cooperates in forwarding messages as required by the routing protocol. This scheme is extended with constrained storage space. A lightweight approach is also proposed to stimulate the cooperation. As a Future Enhancement, we further reduce the length of communication overhead and there by the link failures can be reduced. II. IPV6 SECURE LINK LOCAL COMMUNICATION The NDP for IPv6 provides the mechanism required to accomplish the Router Discovery, Prefix Discovery, Parameter Discovery, Address Auto configuration, Address resolution, Next-hop determination, Neighbor Unreachability Detection, Duplicate Address Detection, and Redirect. NDP defines a number of new ICMPv6 messages: Router Solicitation (RS), Router Advertisement (RA), Neighbor Solicitation (NS), Neighbor Advertisement (NA), and Redirect. During bootstrapping hosts need to discover routers and network information and configure their IPv6 interfaces [7]. To accomplish the router discovery the node sends RS messages to all routers multicast address. The response from the routers should be a RA carrying the expected information. To achieve the prefix discovery, a node uses either a manually configured IPv6 address for each interface or generates a link-local IPv6 address as specified in RFC 4862 [1]. In addition, DAD (Duplicate Address Detection) must be performed for every address prior to assigning this address to an interface. DAD consists of sending up to DupAddrDetectTransmits, Neighbor Solicitation messages that carry the address that the node is checking for duplicates in the Target Address field. The IPv6 source address of NS is the unspecified address and the destination address is the Solicited node multicast address of the target. If there is no answer within a certain period of time then depending on the value of DupAddrDetectTransmits, another NS is sent or the address is assumed to be unique that no other node is using the same address. Both constants are defined in RFC 4861 [2] and RFC 4862 [1] respectively, with default values of 1,000 milliseconds and one respectively. After the node’s interfaces are configured, when a node wants to send a packet to a neighbor, it first sends a NS message to the Solicited node multicast address in order to resolve the target’s link-layer address. One of the most common assumptions about IPv6 is that it is designed to be secure. Such assumptions are a result of incorporating IPSec Authentication Headers into the IPv6 protocol suite.
  • 3. ISSN(Online): 2456-8805 Dr. P. Sumathi et al., International Journal of Advanced Research in Innovative Discoveries in Engineering and Applications[IJARIDEA] Vol.2, Issue 6,27 December 2017, pg. 1-6 © 2017, IJARIDEA All Rights Reserved 3 The implementation of a process responsible for securely transporting the keys has eight different modes of operation. Some key exchanges can be done automatically others must have a manual element. One of the goals of auto configuration is to have the entire process occur automatically and without any human interaction. The automatic key exchanges can occur only between hosts with already established IPv6 addresses. Neighbor Discovery Protocol is not secure and there is a potential for breaking the local network protection. Neighbor Discovery Protocol has some basic protection mechanisms based on the scope of Neighbor Discovery Protocol. It is a link-local protocol, so the source address must be either unspecified (::/128) or a link-local address, and the hop limit must be set to 255. Also, the routers do not forward link-local address. Thus NDP message cannot be injected into the network infrastructure from beyond the directly connected data link layer access networks. III. THREAT AND VULNERABILITY ON IPV6 LINK LOCAL COMMUNICATION IP Security(IPSec), is a framework of open standards developed by the Internet Engineering Task Force that provide security for transmission of sensitive information over unprotected networks such as the Internet. IPSec acts at the network layer, protecting and authenticating IP packets between participating IPSec devices. In IPv6, IPSec is implemented using the AH authentication header and the ESP extension header. The authentication header provides integrity and authentication of the source. The authentication header protects the integrity of most of the IP header fields and authenticates the source through a signature-based algorithm. The ESP header provides confidentiality, authentication of the source, connectionless integrity of the inner packet and limited traffic flow confidentiality. The Internet Key Exchange (IKE) protocol is a key management protocol standard that is used in conjunction with IPSec. IPsec can be configured without IKE, but IKE enhances IPSec by providing additional features, flexibility, and ease of configuration for the IPSec standard. IKE is a hybrid protocol that implements the key exchange inside the Internet Security Association Key Management Protocol (ISAKMP) framework ISAKMP, Key exchange are security protocols implemented by IKE. This functionality is similar to the security gateway model using IPv4 IPSec protection. IV.SECURE NEIGHBOR DISCOVERY PROTOCOL Secure Neighbor Discovery (SEND) Protocol is a newly specified technology that makes use of Cryptographically Generated Addresses (CGA) to protect the NDP that is used in IPv6 networks to bind the network layer to the data link layer in the protocol stack. SEND offers three additional features to NDP address ownership proof, message protection and a router authorization mechanism. To achieve these additional features, SEND comes with five new options CGA Generation, CGA Verification, RSA signature, nonce, and Timestamp [4]. 1. CGA Generation The CGA algorithm uses input values as Public Key, Modifier (128 bits), Subnet Prefix (64bits) and Sec value. The cost of creating a new CGA depends on the security parameter Sec, which can take on values from 0 to 3. If Sec = 0, a CGA can be created from the hash input with a straightforward algorithm that just computes a suitable hash and embeds it into the address [5]. The output from the CGA algorithm is a CGA address and a CGA
  • 4. ISSN(Online): 2456-8805 Dr. P. Sumathi et al., International Journal of Advanced Research in Innovative Discoveries in Engineering and Applications[IJARIDEA] Vol.2, Issue 6,27 December 2017, pg. 1-6 © 2017, IJARIDEA All Rights Reserved 4 Parameters. The CGA generation begins with the determination of the address owner's Public Key and by selecting the proper “Sec” value. 2. CGA Verification The first step of the verification process is to extract various parameters from the ICMPv6 CGA Option. HASH1 and HASH2 are then calculated with the exception of the 7th and 8th bits (universal/global bits) and the first three Sec bits, the leftmost 64 bits of HASH1 should be identical to the interface identifier portion of the IPv6 address. 3. RSA Signature SEND uses the RSA Signature option to authenticate the identity of the sender and to prevent an attacker from spoofing CGA addresses. The public key signatures maintain the integrity of the messages and authenticate the sender identity. Once the public key is obtained from CGA Option, the receiver can use it to decrypt messages encrypted with the corresponding private key. ICMPv6 Option 12 allows us to use RSA digital signatures to establish authenticity of such packet exchanges. Key Hash—leftmost 128 bits of SHA-1 of the public key used for constructing the signature [8]. 4. Timestamp The Timestamp option provides replay protection and ensures that unsolicited advertisements and redirects have not been replayed such as periodic RA and Redirect. The timestamp contains the time elapsed since Jan 1st, 1970, 00:00 UTC. 48 bits are used for seconds, and 16 bits for 1/64K seconds. The RFC 3971 [3] defines some parameters for adjusting the permissible drift in sender and receiver clocks. 5. Nonce A random or pseudo-random number generated by a node and used exactly once. In SEND Protocol, the option is used to prevent a replay attack in solicited messages, such as NS/NA and RS/RA. SEND Protocol can use third parties as verifiers of node identity. This process is referred to as the Authentication Delegation Discovery. To begin such a process, a host needs to know a Trust Anchor to confirm that a given router is authorized to perform router duties. This is a feature without a corresponding ND function, and to accommodate it the SEND protocol implements two new ICMPv6 Message Types are Certification Path Solicitation (CPS) and Certification Path Advertisement (CPA) [9]. V. DISCUSSION ON SECURE LINK LOCAL Realizing the importance of NDP security, IPv6 have included a security mechanism in it to protect IP based communications. The modern operating system lacks support for SEND Protocol, the security standard without sophisticated implementations [10]. Cisco and Juniper, have various levels of support for SEND Protocol in their routers, no major operating system provides a good level of support. Current SEND implementations for specific OS distribution, some of these implementations DoCoMo's SeND (send-0.2), NDprotector, Easy-SEND, and Windows Secure Neighbor Discovery (WinSEND) are done in the user space and others Native SeND Kernel API for BSD (send-0.3), TrustRouter and ipv6-send-cga at the kernel level [11]. Table 1 shows the Summary of the Different type of SEND Methods with a brief description TABLE I SUMMARY OF THE DIFFERENT TYPE OF SEND PROTOCOL METHODS Method First Release Language Based On Operating System Availability (site)
  • 5. ISSN(Online): 2456-8805 Dr. P. Sumathi et al., International Journal of Advanced Research in Innovative Discoveries in Engineering and Applications[IJARIDEA] Vol.2, Issue 6,27 December 2017, pg. 1-6 © 2017, IJARIDEA All Rights Reserved 5 DoCoMo's SEND 2008 C - Language Linux, FreeBSD Support has been stopped Native SeND Kernel API 2010 C - Language Linux, FreeBSD http://p4web.freebsd.org ipv6-send-cga(Huawei and BUPT) 2009 C-Language Linux https://code.google.com/p/ipv6-send-cga/ Easy-SEND 2009 Java Linux http://easy-send.sourceforge.net/ ND Protector 2011 Python Linux http://amnesiak.org/NDprotector/ WinSEND 2011 .NET Windows Not support by Microsoft TrustRouter 2012 Python and C Linux, Windows, Mac OS X https://github.com/TrustRouter/TrustRouter Cisco IOS 12.4(24)T 2009 IOS 12.4T Cisco Router http://www.cisco.com/cisco/web/support/inde x.html SEND Protocol perform two ICMPv6 messages for identifying the router authorization process. All the methods (Table 1) mainly work in the network layer. All ND messages without the CGA and RSA signature options are to be treated as regular ND. There is also an option for specifying which authorization method. SEND Protocol has a number of disadvantages that causes the NDP extension not being widely implemented [12]. The CGA option cannot assure the identity of real node and it also not sufficient to ensure the CGA address that belongs to appropriate node. Attacker could steal NDP message and change the CGA parameters. Another major disadvantage is the implementation of SEND Protocol results in more processing cycles that consume CPU of nodes as well as bandwidth. Table 2 highlights a summary of mitigation methods on IPv6 security and identifying their strength and weaknesses. TABLE II STRENGTH AND WEAKNESS OF SEND METHODS Method Strength Weakness DoCoMo's SEND Operating system user space. Users can verify information related to the internal states and the operations executed by the application and distributed independently. Limited debugging mode. Implementation does not handle DAD collisions. Processing overhead, effectively prohibiting production deployment in high-speed networking environments. Available only in FreeBSD and DragonFlyBSD. Native SeND Kernel API for BSD Easy to use and portable. Implementation is completely in user space and self-contained. Implementation is completely independent of the kernel. And does not handle DAD collisions. No reliability and security. Huawei and BUPT (ipv6-send- cga) Operating system user-space. ECC algorithm is implemented as an alternative signature algorithm. A simple CRL verification mechanism. Research prototype, bugs that sometimes could even cause kernel crashes. Easy-SEND Works as a firewall between the network interface card and the IPv6 stack. Actual version is limited to the creation of a secure environment for IPv6 nodes. Hosts are not able to participate in the Router Discovery process. NDprotector The implementation uses the Private Key and adds an RSA signature option. The implementation is currently limited to Linux platform. WinSEND The User Interface allows users to set or modify WinSEND input parameters, Not supported in Windows Operating System. TrustRouter One-click solution that can be installed on clients running Linux, Mac OS X, and Windows. TrustRouter does not implement CGAs and does not secure neighbor advertisements. Cisco IOS IPv6 RA Guard, IPv6 ND Inspection mitigates Implementation is completely dependent and limited to other
  • 6. ISSN(Online): 2456-8805 Dr. P. Sumathi et al., International Journal of Advanced Research in Innovative Discoveries in Engineering and Applications[IJARIDEA] Vol.2, Issue 6,27 December 2017, pg. 1-6 © 2017, IJARIDEA All Rights Reserved 6 12.4(24)T some of the inherent vulnerabilities of duplicate address detection. Internetworking Operating System (IOS). VI.CONCLUSION NDP is important in IPv6 network for address resolution process. The implementation of SEND Protocol have a default assumption that communication link is safe and reliable, which is not correct in reality, the protocol facing biggest issue with the idea of CGA based on the speed of the computers currently in use. SEND Protocol is a research prototype need focused on protocol correctness, as well as much to be done in hardening the daemon itself against attack and making it more robust and stable also not commercial grade reliability and security. However, not many detailed instructions for using SEND protocol are available. The number of manually configured security associations needed for protecting NDP can be very large, which makes that approach impractical for most purposes. These threats need to be considered and eliminated. Future researches are requested in order to overcome the limitation of the proposed mechanism and to find a complete model to SEND Protocol. VII. REFERENCES [1] Dhanoj Mohan, Rathikarani, Gopakumar, Automation of Ration Shop Using PLC, IJMER, ISSN: 2249-6645, Vol. 3, Issue. 5, Sep - Oct. 2013 pp-2971-297. S. Thomson, T. Narten, and T. Jinmei, “IPv6 Stateless Address Autoconfiguration”, RFC 4862 (Standard), Internet Engineering Task Force, September 2007. URL https://tools.ietf.org/rfc/rfc4862.txt. Obsoletes by 2462. [2] Narten T., et al., “Neighbor Discovery for IP version 6 (IPv6)”, RFC 4861 (Standard), Internet Engineering Task Force, September 2007. URL https://tools.ietf.org/html/rfc4861. Obsoletes by 2461. [3] J. Arkko, J. Kempf, B. Zill, P. Nikander, “Secure Neighbor Discovery (SEND),” RFC 3971 (Proposed Standard), Internet Engineering Task Force, March 2005. URL https://tools.ietf.org/html/rfc3971. [4] J. Arkko, et al., “Securing IPv6 Neighbor and Router Discovery”, WiSE '02 Proceedings of the 1st ACM workshop on Wireless security, pp. 77-86, Sep. 2002. ISBN: 1-58113-585-8, DOI: 10.1145/570681.570690. [5] Implementing First Hop-Security in IPv6, Cisco Systems, 2011; Retrieved from www.cisco.com/c/en/us/td/docs/ios/ipv6/configuration/ guide/15_0sy/ipv6_15_0sy_book/ip6-first_hop_security.html. [6] Christo Ananth, "Incentive Scheme for Stimulation of Forwarding Cooperation of nodes in VANETs ", Rakuten Kobo Inc. Publishing, Toronto, Canada, ISBN: 978-81-910-751-4-4, October 2017, pp: 12-56. [7] Wendell Odom, “CCNP ROUTE 642-902”, Pearson Education Inc., Cisco Press, January 2010. pp. 529. ISBN-10: 1-58720-253-0, ISBN-13: 978-1-58720-253-7. [8] Weilin Xu et al., “NAPT66-Stateful IPv6-to IPv6 Network Address Port Translation”, Retrieved from https://code.google.com/p/napt66/. Accessed 20-June-2015. [9] Xiaoyu Zhao, et al., “A Lightweight AplusP Approach for public IPv4 Address Sharing in IPv6 Environments”, In 5th International Multi-Conference on Computing in the Global Information Technology (ICCGI), page 256-261, Valencia, Spain, September 20-25, 2010. Retrieved from http://dx.doi.org/10.1109/ICCGI.2010.21. [10]Ahmad AlSa'deh, HosniehRafiee, ChristophMeinel, “Secure Neighbor Discovey: A Cryptographic Solution for Securing Ipv6 Local Link Operations,” Chapter 8, pp : 178-196. [11]A. AlSa’deh and C. Meinel,"Secure Neighbor Discovery: Review, Challenges, Perspectives, and Recommendations," IEEE Security & Privacy Magazine, vol. 10, no. 4, pp. 26 –34, Aug. 2012. [12]Supriyanto, I.H. Hasbullah, R.J. Murugesan, S. Ramadass, “Survey of IPv6 Link Local Communication Security Vulnerability and Mitigation Methods,” IETE TECHNICAL REVIEW, vol 30, issue 1, pp. 64-71, Jan-Feb 2013.