SURVEY: SECURING IPV6 NEIGHBOR DISCOVERY PROTOCOL

الملخص

: IPv6 Neighbor Discovery Protocol (NDP) is essential to facilitate communication between local network nodes. However, NDP is vulnerable to various attacks that can disrupt network communication and facilitate malicious activities. This study attempts to identify the major security vulnerabilities to NDP and assess available methods to improve its security. We conducted a systematic literature review to analyze the benefits and limitations of mechanisms such as Cryptographically Generated Addresses (CGA), Secure Neighbor Discovery (SEND), and Attestation-based Neighbor Discovery. Our findings show that these mechanisms significantly reduce the impact of Neighbor Discovery attacks. We recommend an attack detection mechanism to address spoofing of Neighbor Solicitation (NS) and Neighbor Advertisement (NA) messages to improve NDP security in IPv6 networks. These insights can help network administrators and protocol designers implement effective defenses against NDP attacks, thereby enhancing the stability and security of IPv6 deployments. Our research contributes to ongoing efforts to improve IPv6 network reliability by investigating the protocol's structure, the role of ICMPv6, associated security concerns, and potential security solutions.