Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network
Trust-ND is a trust-based distributed security mechanism to secure IPv6 link-local networks as an alternative to the highly complex Secure Neighbor Discovery (SEND) protocol. However, theoretical analysis and experimental research revealed that the Trust-ND protocol is susceptible to temporal Denial...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2023
|
| Subjects: | |
| Online Access: | http://eprints.usm.my/60423/1/IZNAN%20HUSAINY%20BIN%20HASBULLAH%20-%20TESIS24.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my-usm-ep.60423 |
|---|---|
| record_format |
uketd_dc |
| spelling |
my-usm-ep.604232024-04-24T08:32:24Z Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network 2023-09 Hasbullah, Iznan Husainy T1-995 Technology(General) Trust-ND is a trust-based distributed security mechanism to secure IPv6 link-local networks as an alternative to the highly complex Secure Neighbor Discovery (SEND) protocol. However, theoretical analysis and experimental research revealed that the Trust-ND protocol is susceptible to temporal Denial-of-Service vulnerabilities due to timestamp reference, field size and format, and verification rule. This research aims to prevent temporal DoS vulnerabilities on IPv6 link-local networks by enhancing Trust-ND without jeopardizing its original structure to retain its advantages over SEND. The proposed enhanced version of Trust-ND, called eTrustND, addresses the vulnerabilities in three stages, (i) Timestamp Formulation, (ii) Enhanced Trust-ND, and (iii) Rule-based verification mechanism. The first stage changes the reference time from system time to UTC, the 24-hour time format in hexadecimal to epoch second in integer. It also increases the precision from one hundredth to one ten-thousandth second. The second stage utilizes the Trust-ND’s Reserved field for the sub-second value and changes the timestamp field data type from byte to IntField. The third stage proposes a rule-based verification mechanism to handle out-of-sync computer clocks, preventing temporal DoS vulnerabilities. The experiment results on a testbed demonstrate that eTrustND prevents temporal-based DoS vulnerabilities without jeopardizing the original Trust-ND packet structure and adding overheads (computation and bandwidth). 2023-09 Thesis http://eprints.usm.my/60423/ http://eprints.usm.my/60423/1/IZNAN%20HUSAINY%20BIN%20HASBULLAH%20-%20TESIS24.pdf application/pdf en public masters Universiti Sains Malaysia Pusat IPv6 Termaju Negara |
| institution |
Universiti Sains Malaysia |
| collection |
USM Institutional Repository |
| language |
English |
| topic |
T1-995 Technology(General) |
| spellingShingle |
T1-995 Technology(General) Hasbullah, Iznan Husainy Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
| description |
Trust-ND is a trust-based distributed security mechanism to secure IPv6 link-local networks as an alternative to the highly complex Secure Neighbor Discovery (SEND) protocol. However, theoretical analysis and experimental research revealed that the Trust-ND protocol is susceptible to temporal Denial-of-Service vulnerabilities due to timestamp reference, field size and format, and verification rule. This research aims to prevent temporal DoS vulnerabilities on IPv6 link-local networks by enhancing Trust-ND without jeopardizing its original structure to retain its advantages over SEND. The proposed enhanced version of Trust-ND, called eTrustND, addresses the vulnerabilities in three stages, (i) Timestamp Formulation, (ii) Enhanced Trust-ND, and (iii) Rule-based verification mechanism. The first stage changes the reference time from system time to UTC, the 24-hour time format in hexadecimal to epoch second in integer. It also increases the precision from one hundredth to one ten-thousandth second. The second stage utilizes the Trust-ND’s Reserved field for the sub-second value and changes the timestamp field data type from byte to IntField. The third stage proposes a rule-based verification mechanism to handle out-of-sync computer clocks, preventing temporal DoS vulnerabilities. The experiment results on a testbed demonstrate that eTrustND prevents temporal-based DoS vulnerabilities without jeopardizing the original Trust-ND packet structure and adding overheads (computation and bandwidth). |
| format |
Thesis |
| qualification_level |
Master's degree |
| author |
Hasbullah, Iznan Husainy |
| author_facet |
Hasbullah, Iznan Husainy |
| author_sort |
Hasbullah, Iznan Husainy |
| title |
Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
| title_short |
Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
| title_full |
Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
| title_fullStr |
Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
| title_full_unstemmed |
Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
| title_sort |
enhanced trust-nd protocol to prevent temporal denial-of-service vulnerabilities on ipv6 link-local network |
| granting_institution |
Universiti Sains Malaysia |
| granting_department |
Pusat IPv6 Termaju Negara |
| publishDate |
2023 |
| url |
http://eprints.usm.my/60423/1/IZNAN%20HUSAINY%20BIN%20HASBULLAH%20-%20TESIS24.pdf |
| _version_ |
1804888933652234240 |