Survey of Internet Protocol Version 6 Link Local Communication Security Vulnerability and Mitigation Methods

摘要

IPv6 is a network layer protocol of the OSI reference model. IPv6 uses the Neighbor Discovery Protocol (NDP) that works on link local scope of IPv6 network. NDP covers host initialization and address auto configuration that is one of IPv6 advantages and other important functionalities. IPv6 mandates to support Internet Protocol Security (IPSec) for end-to-end communication security. However, this security protocol does not cover the link local communication that uses NDP. It is important to consider the link local security issues as the Internet being an open network is vulnerable to be exploited by attackers from both outside and inside the network. In addition, most of the security mechanisms typically block external threats but are relatively vulnerable to the threats originating from internal network. Thus, understanding the threat and vulnerability in the local network is very important. This paper surveys local network security phenomenon and the current defense methods on the IPv6 link local network security vulnerability mitigations.