Title :
An improved SEND protocol against DoS attacks in Mobile IPv6 environment
Author :
Huang, Meigen ; Liu, Jianrong ; Zhou, Yunjie
Author_Institution :
Chongqing Univ. of Posts & Telecommun., Chongqing, China
Abstract :
Neighbor discovery protocol can be used to communicate between neighboring nodes in the mobile IPv6 environment. For a secure neighbor discovery protocol, the IETF SEND working group standardized a secure neighbor discovery protocol, and a cryptographically generated address protocol. Neighbor Discovery protocol can be provided with secure functions by adding the RSA signature option and the CGA parameter option. But there are still attacks against SEND itself, particularly, denial-of-service attacks. Because the CGA verification consumes large amount of computing resources, attackers may forge a large number of attack data packages to make the node run out of resources. To provide the safeguard of secure neighbor discovery protocol in mobile IPv6 environment, we propose a mechanism that prevent SEND from part of DoS attacks by adding a set message interaction before CGA verification without a certification authority or any security infrastructure.
Keywords :
IP networks; cryptographic protocols; mobile radio; telecommunication security; CGA parameter option; DoS attacks; IETF SEND working group; RSA signature option; cryptographically generated address protocol; denial-of-service attacks; improved SEND protocol; mobile IPv6 environment; secure neighbor discovery protocol; Authorization; Computer crime; Counting circuits; Cryptographic protocols; Multicast protocols; Neodymium; Protection; Public key; Public key cryptography; Security; DoS Attack; MIPv6; NDP; SEND;
Conference_Titel :
Network Infrastructure and Digital Content, 2009. IC-NIDC 2009. IEEE International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-1-4244-4898-2
Electronic_ISBN :
978-1-4244-4900-6
DOI :
10.1109/ICNIDC.2009.5360962
