A New Concept of Duplicate Address Detection Processes in IPv6 Link-Local Network

IF 1.3 Q4 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE

International Journal of Innovative Computing Information and Control Pub Date : 2022-11-20 DOI:10.11113/ijic.v12n2.368

Adamu Abubakar Ibrahim, Rawad Abdulkhaleq Abdulmolla Abdulghafor, Sharyar Wani

{"title":"A New Concept of Duplicate Address Detection Processes in IPv6 Link-Local Network","authors":"Adamu Abubakar Ibrahim, Rawad Abdulkhaleq Abdulmolla Abdulghafor, Sharyar Wani","doi":"10.11113/ijic.v12n2.368","DOIUrl":null,"url":null,"abstract":"The Neighbor Discovery Protocol (NDP) enables nodes on the same IPv6 link to advertise their existence to their neighbors and learn about their neighbors’ existences in an IPv6 link-local network. Duplicate Address Detection (DAD) on NDP is used to determine whether or not an address requested by a node is already in use by another node. The Neighbor Solicitation (NS) and Neighbor Advertisement (NA) operations are associated to DAD checks in order to ensure that each interface within the transmission session is unique. Unfortunately, NS and NA operations have a significant disadvantage in that they are based on insecure architectures and lack verification procedures for determining whether incoming messages originate from a valid or illegitimate node. This will eventually allow any node in the same link to be manipulated during NS and NA message transmission sessions. Despite some attempts to secure the entire NDP operations, they still suffer from computing resources requirement for their operations. As a result, this study proposes an Initial Neighbor Inspection (INI) on DAD operation. The proposed techniques allow for an initial round of verification of the nodes on the same link before a broadcast request on the existence of neighbors, which is followed by another round of learning about neighbors’ existences. Conclusively, using this idea, as a simple verification will indicate the presence of neighbors, we may restrict solicitation and advertising to only those who are eligible. This means that the computational processing time for NS and NA on DAD operations would not rise.","PeriodicalId":50314,"journal":{"name":"International Journal of Innovative Computing Information and Control","volume":"67 1","pages":""},"PeriodicalIF":1.3000,"publicationDate":"2022-11-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Innovative Computing Information and Control","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.11113/ijic.v12n2.368","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 1

Abstract

The Neighbor Discovery Protocol (NDP) enables nodes on the same IPv6 link to advertise their existence to their neighbors and learn about their neighbors’ existences in an IPv6 link-local network. Duplicate Address Detection (DAD) on NDP is used to determine whether or not an address requested by a node is already in use by another node. The Neighbor Solicitation (NS) and Neighbor Advertisement (NA) operations are associated to DAD checks in order to ensure that each interface within the transmission session is unique. Unfortunately, NS and NA operations have a significant disadvantage in that they are based on insecure architectures and lack verification procedures for determining whether incoming messages originate from a valid or illegitimate node. This will eventually allow any node in the same link to be manipulated during NS and NA message transmission sessions. Despite some attempts to secure the entire NDP operations, they still suffer from computing resources requirement for their operations. As a result, this study proposes an Initial Neighbor Inspection (INI) on DAD operation. The proposed techniques allow for an initial round of verification of the nodes on the same link before a broadcast request on the existence of neighbors, which is followed by another round of learning about neighbors’ existences. Conclusively, using this idea, as a simple verification will indicate the presence of neighbors, we may restrict solicitation and advertising to only those who are eligible. This means that the computational processing time for NS and NA on DAD operations would not rise.

查看原文本刊更多论文

IPv6链路本地网络中重复地址检测过程的新概念

在IPv6链路本地网络中，NDP (Neighbor Discovery Protocol)协议允许同一IPv6链路上的节点向邻居通告自己的存在，并了解邻居的存在情况。NDP上的重复地址检测(Duplicate Address Detection, DAD)用于确定一个节点请求的地址是否已被另一个节点使用。NS (Neighbor Solicitation)和NA (Neighbor Advertisement)操作与DAD检查相关联，以确保传输会话中的每个接口都是唯一的。不幸的是，NS和NA操作有明显的缺点，因为它们基于不安全的架构，并且缺乏确定传入消息是否来自有效或非法节点的验证过程。这将最终允许在NS和NA消息传输会话期间操纵同一链路中的任何节点。尽管有些尝试确保整个NDP操作的安全，但它们仍然受到其操作所需的计算资源的影响。因此，本研究提出了一种DAD手术的初始邻居检查(INI)方法。提出的技术允许在广播邻居是否存在的请求之前对同一链路上的节点进行初始验证，然后再进行另一轮邻居是否存在的学习。最后，使用这个想法，作为一个简单的验证将表明邻居的存在，我们可以限制征求和广告只对那些符合条件的人。这意味着NS和NA在DAD操作上的计算处理时间不会增加。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

International Journal of Innovative Computing Information and Control 工程技术-计算机：人工智能

CiteScore

3.20

自引率

20.00%

发文量

审稿时长

4.3 months

期刊介绍： The primary aim of the International Journal of Innovative Computing, Information and Control (IJICIC) is to publish high-quality papers of new developments and trends, novel techniques and approaches, innovative methodologies and technologies on the theory and applications of intelligent systems, information and control. The IJICIC is a peer-reviewed English language journal and is published bimonthly