Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network
Trust-ND is a trust-based distributed security mechanism to secure IPv6 link-local networks as an alternative to the highly complex Secure Neighbor Discovery (SEND) protocol. However, theoretical analysis and experimental research revealed that the Trust-ND protocol is susceptible to temporal Denial...
Saved in:
Main Author: | |
---|---|
Format: | Thesis |
Language: | English |
Published: |
2023
|
Subjects: | |
Online Access: | http://eprints.usm.my/60423/1/IZNAN%20HUSAINY%20BIN%20HASBULLAH%20-%20TESIS24.pdf |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
id |
my-usm-ep.60423 |
---|---|
record_format |
uketd_dc |
spelling |
my-usm-ep.604232024-04-24T08:32:24Z Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network 2023-09 Hasbullah, Iznan Husainy T1-995 Technology(General) Trust-ND is a trust-based distributed security mechanism to secure IPv6 link-local networks as an alternative to the highly complex Secure Neighbor Discovery (SEND) protocol. However, theoretical analysis and experimental research revealed that the Trust-ND protocol is susceptible to temporal Denial-of-Service vulnerabilities due to timestamp reference, field size and format, and verification rule. This research aims to prevent temporal DoS vulnerabilities on IPv6 link-local networks by enhancing Trust-ND without jeopardizing its original structure to retain its advantages over SEND. The proposed enhanced version of Trust-ND, called eTrustND, addresses the vulnerabilities in three stages, (i) Timestamp Formulation, (ii) Enhanced Trust-ND, and (iii) Rule-based verification mechanism. The first stage changes the reference time from system time to UTC, the 24-hour time format in hexadecimal to epoch second in integer. It also increases the precision from one hundredth to one ten-thousandth second. The second stage utilizes the Trust-ND’s Reserved field for the sub-second value and changes the timestamp field data type from byte to IntField. The third stage proposes a rule-based verification mechanism to handle out-of-sync computer clocks, preventing temporal DoS vulnerabilities. The experiment results on a testbed demonstrate that eTrustND prevents temporal-based DoS vulnerabilities without jeopardizing the original Trust-ND packet structure and adding overheads (computation and bandwidth). 2023-09 Thesis http://eprints.usm.my/60423/ http://eprints.usm.my/60423/1/IZNAN%20HUSAINY%20BIN%20HASBULLAH%20-%20TESIS24.pdf application/pdf en public masters Universiti Sains Malaysia Pusat IPv6 Termaju Negara |
institution |
Universiti Sains Malaysia |
collection |
USM Institutional Repository |
language |
English |
topic |
T1-995 Technology(General) |
spellingShingle |
T1-995 Technology(General) Hasbullah, Iznan Husainy Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
description |
Trust-ND is a trust-based distributed security mechanism to secure IPv6 link-local networks as an alternative to the highly complex Secure Neighbor Discovery (SEND) protocol. However, theoretical analysis and experimental research revealed that the Trust-ND protocol is susceptible to temporal Denial-of-Service vulnerabilities due to timestamp reference, field size and format, and verification rule. This research aims to prevent temporal DoS vulnerabilities on IPv6 link-local networks by enhancing Trust-ND without jeopardizing its original structure to retain its advantages over SEND. The proposed enhanced version of Trust-ND, called eTrustND, addresses the vulnerabilities in three stages, (i) Timestamp Formulation, (ii) Enhanced Trust-ND, and (iii) Rule-based verification mechanism. The first stage changes the reference time from system time to UTC, the 24-hour time format in hexadecimal to epoch second in integer. It also increases the precision from one hundredth to one ten-thousandth second. The second stage utilizes the Trust-ND’s Reserved field for the sub-second value and changes the timestamp field data type from byte to IntField. The third stage proposes a rule-based verification mechanism to handle out-of-sync computer clocks, preventing temporal DoS vulnerabilities. The experiment results on a testbed demonstrate that eTrustND prevents temporal-based DoS vulnerabilities without jeopardizing the original Trust-ND packet structure and adding overheads (computation and bandwidth). |
format |
Thesis |
qualification_level |
Master's degree |
author |
Hasbullah, Iznan Husainy |
author_facet |
Hasbullah, Iznan Husainy |
author_sort |
Hasbullah, Iznan Husainy |
title |
Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
title_short |
Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
title_full |
Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
title_fullStr |
Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
title_full_unstemmed |
Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
title_sort |
enhanced trust-nd protocol to prevent temporal denial-of-service vulnerabilities on ipv6 link-local network |
granting_institution |
Universiti Sains Malaysia |
granting_department |
Pusat IPv6 Termaju Negara |
publishDate |
2023 |
url |
http://eprints.usm.my/60423/1/IZNAN%20HUSAINY%20BIN%20HASBULLAH%20-%20TESIS24.pdf |
_version_ |
1804888933652234240 |