Prevention Mechanism Against Denial Of Service Attack On Duplicate Address Detection Process In Ipv6 Link-Local Networks

This thesis aims to introduce a prevention mechanism called DAD-match that comprises three stages, namely, (i) the tentative IP address generation stage, which aims to hide a tentative IP address by using a (cryptographic hash function), (ii) the secure NS and NA messages stage, which aims to secure...

وصف كامل

محفوظ في:
التفاصيل البيبلوغرافية
المؤلف الرئيسي: Ibrahim Al-Ani, Ahmed Khallel
التنسيق: أطروحة
اللغة:English
منشور في: 2020
الموضوعات:
الوصول للمادة أونلاين:http://eprints.usm.my/55543/1/Pages%20from%20Ahmed%20K.%20Al-Ani%20Thesis%202019%20-%20VIVA%20UPDATED2%20cut.pdf
الوسوم: إضافة وسم
لا توجد وسوم, كن أول من يضع وسما على هذه التسجيلة!
الوصف
الملخص:This thesis aims to introduce a prevention mechanism called DAD-match that comprises three stages, namely, (i) the tentative IP address generation stage, which aims to hide a tentative IP address by using a (cryptographic hash function), (ii) the secure NS and NA messages stage, which aims to secure NS and NA messages by using the NDP experimental option and (iii) the DoS on DAD prevention stage, which aims to prevent a DoS attack during the DAD process by designing a rule-based mechanism. The proposed DAD-match mechanism is evaluated in terms of its processing time, bandwidth consumption and DoS prevention success rate by using different scenarios, and its performance is compared with existing mechanisms, including Standard-DAD, SeND, Trust-ND and HSEC-Target-DAD. The results show that DAD-match reduces the processing time by approximately 95.5%, 28.58% and 84.93% compared with SeND, Trust-ND and HSEC-Target-DAD, respectively.