Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network
Trust-ND is a trust-based distributed security mechanism to secure IPv6 link-local networks as an alternative to the highly complex Secure Neighbor Discovery (SEND) protocol. However, theoretical analysis and experimental research revealed that the Trust-ND protocol is susceptible to temporal Denial...
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2023
|
| Subjects: | |
| Online Access: | http://eprints.usm.my/60423/ http://eprints.usm.my/60423/1/IZNAN%20HUSAINY%20BIN%20HASBULLAH%20-%20TESIS24.pdf |
| _version_ | 1848884441382912000 |
|---|---|
| author | Hasbullah, Iznan Husainy |
| author_facet | Hasbullah, Iznan Husainy |
| author_sort | Hasbullah, Iznan Husainy |
| building | USM Institutional Repository |
| collection | Online Access |
| description | Trust-ND is a trust-based distributed security mechanism to secure IPv6 link-local networks as an alternative to the highly complex Secure Neighbor Discovery (SEND) protocol. However, theoretical analysis and experimental research revealed that the Trust-ND protocol is susceptible to temporal Denial-of-Service vulnerabilities due to timestamp reference, field size and format, and verification rule. This research aims to prevent temporal DoS vulnerabilities on IPv6 link-local networks by enhancing Trust-ND without jeopardizing its original structure to retain its advantages over SEND. The proposed enhanced version of Trust-ND, called eTrustND, addresses the vulnerabilities in three stages, (i) Timestamp Formulation, (ii) Enhanced Trust-ND, and (iii) Rule-based verification mechanism. The first stage changes the reference time from system time to UTC, the 24-hour time format in hexadecimal to epoch second in integer. It also increases the precision from one hundredth to one ten-thousandth second. The second stage utilizes the Trust-ND’s Reserved field for the sub-second value and changes the timestamp field data type from byte to IntField. The third stage proposes a rule-based verification mechanism to handle out-of-sync computer clocks, preventing temporal DoS vulnerabilities. The experiment results on a testbed demonstrate that eTrustND prevents temporal-based DoS vulnerabilities without jeopardizing the original Trust-ND packet structure and adding overheads (computation and bandwidth). |
| first_indexed | 2025-11-15T19:06:45Z |
| format | Thesis |
| id | usm-60423 |
| institution | Universiti Sains Malaysia |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-15T19:06:45Z |
| publishDate | 2023 |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | usm-604232024-04-24T08:32:24Z http://eprints.usm.my/60423/ Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network Hasbullah, Iznan Husainy T1-995 Technology(General) Trust-ND is a trust-based distributed security mechanism to secure IPv6 link-local networks as an alternative to the highly complex Secure Neighbor Discovery (SEND) protocol. However, theoretical analysis and experimental research revealed that the Trust-ND protocol is susceptible to temporal Denial-of-Service vulnerabilities due to timestamp reference, field size and format, and verification rule. This research aims to prevent temporal DoS vulnerabilities on IPv6 link-local networks by enhancing Trust-ND without jeopardizing its original structure to retain its advantages over SEND. The proposed enhanced version of Trust-ND, called eTrustND, addresses the vulnerabilities in three stages, (i) Timestamp Formulation, (ii) Enhanced Trust-ND, and (iii) Rule-based verification mechanism. The first stage changes the reference time from system time to UTC, the 24-hour time format in hexadecimal to epoch second in integer. It also increases the precision from one hundredth to one ten-thousandth second. The second stage utilizes the Trust-ND’s Reserved field for the sub-second value and changes the timestamp field data type from byte to IntField. The third stage proposes a rule-based verification mechanism to handle out-of-sync computer clocks, preventing temporal DoS vulnerabilities. The experiment results on a testbed demonstrate that eTrustND prevents temporal-based DoS vulnerabilities without jeopardizing the original Trust-ND packet structure and adding overheads (computation and bandwidth). 2023-09 Thesis NonPeerReviewed application/pdf en http://eprints.usm.my/60423/1/IZNAN%20HUSAINY%20BIN%20HASBULLAH%20-%20TESIS24.pdf Hasbullah, Iznan Husainy (2023) Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network. Masters thesis, Universiti Sains Malaysia. |
| spellingShingle | T1-995 Technology(General) Hasbullah, Iznan Husainy Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
| title | Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
| title_full | Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
| title_fullStr | Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
| title_full_unstemmed | Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
| title_short | Enhanced Trust-nd Protocol To Prevent Temporal Denial-of-service Vulnerabilities On Ipv6 Link-local Network |
| title_sort | enhanced trust-nd protocol to prevent temporal denial-of-service vulnerabilities on ipv6 link-local network |
| topic | T1-995 Technology(General) |
| url | http://eprints.usm.my/60423/ http://eprints.usm.my/60423/1/IZNAN%20HUSAINY%20BIN%20HASBULLAH%20-%20TESIS24.pdf |