Preventing Denial-of-service in Next Generation Internet Protocol Mobility

Abstract

Internet Protocol version 6 (IPv6) is a next-generation internet protocol that is devised to replace its predecessor, the IPv4. With the benefit of ample address space, flexible header extensions and its many specific features, IPv6 is the future of the Internet and Internetworking. A significant advantage of IPv6 is its capabilities in the domain of security and mobility, where it scores in comparison with its predecessor. One of the many features specific to IPv6, such as the mandatory IPsec messaging or address auto-configuration, is the Neighbor Discovery Protocol (NDP). Even though the concept of security is more pronounced in the IPv6 protocols, there still exist loopholes. These loopholes when exploited target the foundation of the Internetworking. The extensive applications of NDP make it even more necessary to identify and address these gaps to ensure network security. Hence, this paper investigates such loopholes in the applications of NDP in creating a network and analyzes the process of the denial-of-service attacks that endanger the safety of an established network. Also, the paper proposes a new method to mitigate Denial-of-Service (DoS) in network mobility of IPv6 networks. This proposed approach is a hybrid of existing solutions and is capable of overcoming the significant disadvantages of these methods. Also, the paper discusses the comparative analysis among the various existing solutions and illustrates the effect of the proposed method in MIPv6 security.