Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network
Trust-ND is a trust-based distributed security mechanism to secure IPv6 link-local networks as an alternative to the highly complex Secure Neighbor Discovery (SEND) protocol. However, theoretical analysis and experimental research revealed that the Trust-ND protocol is susceptible to temporal Denial...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2023
|
| Subjects: | |
| Online Access: | http://eprints.usm.my/60423/1/IZNAN%20HUSAINY%20BIN%20HASBULLAH%20-%20TESIS24.pdf http://eprints.usm.my/60423/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my.usm.eprints.60423 |
|---|---|
| record_format |
eprints |
| spelling |
my.usm.eprints.60423 http://eprints.usm.my/60423/ Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network Hasbullah, Iznan Husainy T1-995 Technology(General) Trust-ND is a trust-based distributed security mechanism to secure IPv6 link-local networks as an alternative to the highly complex Secure Neighbor Discovery (SEND) protocol. However, theoretical analysis and experimental research revealed that the Trust-ND protocol is susceptible to temporal Denial-of-Service vulnerabilities due to timestamp reference, field size and format, and verification rule. This research aims to prevent temporal DoS vulnerabilities on IPv6 link-local networks by enhancing Trust-ND without jeopardizing its original structure to retain its advantages over SEND. The proposed enhanced version of Trust-ND, called eTrustND, addresses the vulnerabilities in three stages, (i) Timestamp Formulation, (ii) Enhanced Trust-ND, and (iii) Rule-based verification mechanism. The first stage changes the reference time from system time to UTC, the 24-hour time format in hexadecimal to epoch second in integer. It also increases the precision from one hundredth to one ten-thousandth second. The second stage utilizes the Trust-ND’s Reserved field for the sub-second value and changes the timestamp field data type from byte to IntField. The third stage proposes a rule-based verification mechanism to handle out-of-sync computer clocks, preventing temporal DoS vulnerabilities. The experiment results on a testbed demonstrate that eTrustND prevents temporal-based DoS vulnerabilities without jeopardizing the original Trust-ND packet structure and adding overheads (computation and bandwidth). 2023-09 Thesis NonPeerReviewed application/pdf en http://eprints.usm.my/60423/1/IZNAN%20HUSAINY%20BIN%20HASBULLAH%20-%20TESIS24.pdf Hasbullah, Iznan Husainy (2023) Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network. Masters thesis, Universiti Sains Malaysia. |
| institution |
Universiti Sains Malaysia |
| building |
Hamzah Sendut Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Sains Malaysia |
| content_source |
USM Institutional Repository |
| url_provider |
http://eprints.usm.my/ |
| language |
English |
| topic |
T1-995 Technology(General) |
| spellingShingle |
T1-995 Technology(General) Hasbullah, Iznan Husainy Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
| description |
Trust-ND is a trust-based distributed security mechanism to secure IPv6 link-local networks as an alternative to the highly complex Secure Neighbor Discovery (SEND) protocol. However, theoretical analysis and experimental research revealed that the Trust-ND protocol is susceptible to temporal Denial-of-Service vulnerabilities due to timestamp reference, field size and format, and verification rule. This research aims to prevent temporal DoS vulnerabilities on IPv6 link-local networks by enhancing Trust-ND without jeopardizing its original structure to retain its advantages over SEND. The proposed enhanced version of Trust-ND, called eTrustND, addresses the vulnerabilities in three stages, (i) Timestamp Formulation, (ii) Enhanced Trust-ND, and (iii) Rule-based verification mechanism. The first stage changes the reference time from system time to UTC, the 24-hour time format in hexadecimal to epoch second in integer. It also increases the precision from one hundredth to one ten-thousandth second. The second stage utilizes the Trust-ND’s Reserved field for the sub-second value and changes the timestamp field data type from byte to IntField. The third stage proposes a rule-based verification mechanism to handle out-of-sync computer clocks, preventing temporal DoS vulnerabilities. The experiment results on a testbed demonstrate that eTrustND prevents temporal-based DoS vulnerabilities without jeopardizing the original Trust-ND packet structure and adding overheads (computation and bandwidth). |
| format |
Thesis |
| author |
Hasbullah, Iznan Husainy |
| author_facet |
Hasbullah, Iznan Husainy |
| author_sort |
Hasbullah, Iznan Husainy |
| title |
Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
| title_short |
Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
| title_full |
Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
| title_fullStr |
Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
| title_full_unstemmed |
Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
| title_sort |
enhanced trust-nd protocol to prevent temporal denial-of-service vulnerabilities on ipv6 link-local network |
| publishDate |
2023 |
| url |
http://eprints.usm.my/60423/1/IZNAN%20HUSAINY%20BIN%20HASBULLAH%20-%20TESIS24.pdf http://eprints.usm.my/60423/ |
| _version_ |
1797907864495325184 |
| score |
13.160551 |