
Effective Control of Abnormal Neighbor Discovery Congestion on IPv6 Local Area Network

  • Gaeil An
  • Jaehoon Nah
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4159)

Abstract

The Neighbor Discovery (ND) protocol is very important in ubiquitous networks because it can provide IP auto-configuration and address resolution. However, a malicious user can make the access router of a local area network (LAN) generate useless ND protocol messages by sending it abnormal data packets with fictitious destination IP addresses. If a malicious user sends the access router an enormous volume of abnormal traffic, this may result in network congestion and degrade quality of service (QoS) not only for ND-requested normal traffic, but also for ND-free normal traffic. In this paper, we propose a scheme that is able to effectively control ND congestion by rate-limiting the ND protocol messages generated by abnormal data packets. In our scheme, when an access router receives an ND-requested packet, it checks whether the destination IP address of the packet actually exists on the target LAN. If it does, the router sends out the ND message for the packet using good QoS in the packet forwarding service. Otherwise, it uses bad QoS. To learn the topology of the target LAN, the router monitors all traffic from the target LAN. Through simulation, we show that our scheme can guarantee not only the QoS of ND-requested data traffic, but also the QoS of ND-free data traffic, irrespective of the degree of attack strength.
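The check-then-classify step described in the abstract, as an added example that is not the authors' implementation or their simulation code. The class and function names, the per-tick ND budget, the strict-priority scheduler standing in for "good" and "bad" QoS, and the 2001:db8:: addresses are all assumptions; `classify=False` models an unprotected router with a single FIFO for comparison.

```python
from collections import deque
from ipaddress import IPv6Address

class NDRouter:
    """Toy access router; class and method names are hypothetical."""
    def __init__(self, ns_budget, classify=True):
        self.known_hosts = set()     # sources observed in traffic from the target LAN
        self.neighbor_cache = set()  # resolved addresses: later packets are ND-free
        self.good, self.bad = deque(), deque()
        self.ns_budget = ns_budget   # assumed cap on ND messages sent per tick
        self.classify = classify     # False = single FIFO, i.e. no protection
        self.sent = []               # (exists_on_lan, queueing_delay_in_ticks)

    def observe_from_lan(self, src):
        self.known_hosts.add(IPv6Address(src))

    def receive(self, dst, now):
        dst = IPv6Address(dst)
        if dst in self.neighbor_cache:
            return "nd-free"
        exists = dst in self.known_hosts
        queue = self.good if (exists and self.classify) else self.bad
        queue.append((dst, now, exists))
        return "good" if queue is self.good else "bad"

    def tick(self, now):
        for _ in range(self.ns_budget):
            queue = self.good or self.bad   # strict priority: good queue first
            if not queue:
                break
            dst, enqueued, exists = queue.popleft()
            self.sent.append((exists, now - enqueued))
            if exists:                      # assumption: a real host answers at once
                self.neighbor_cache.add(dst)

def simulate(attack_per_tick, classify, ticks=5, budget=4):
    router = NDRouter(budget, classify)
    hosts = [f"2001:db8::{i:x}" for i in range(1, 4)]   # constructed LAN hosts
    for h in hosts:
        router.observe_from_lan(h)
    for t in range(ticks):
        for i in range(attack_per_tick):                # fictitious destinations
            router.receive(f"2001:db8::dead:{t:x}:{i:x}", t)
        if t < len(hosts):
            router.receive(hosts[t], t)                 # one legitimate new flow
        router.tick(t)
    legit = [delay for exists, delay in router.sent if exists]
    return len(legit), max(legit, default=None), len(router.bad)
```

`simulate` returns the number of legitimate resolutions completed, their worst queueing delay in ticks, and the backlog left in the low-priority queue. With classification the legitimate count and delay are the same with or without the flood, while the single-FIFO router completes none in the same window.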

Keywords

Local Area Network, Normal Packet, Neighbor Discovery, Address Resolution Protocol, Neighbor Solicitation
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Gaeil An (1)
  • Jaehoon Nah (1)
  1. Network Security Research Division, Electronics and Telecommunications Research Institute (ETRI), Daejon, Korea
