Overview of IPv6 Based DDoS and DoS Attacks Detection Mechanisms

In recent years, the number of Internet users and devices are rapidly increased. For this reason, the Internet Assigned Number Authority (IANA) launched a new protocol called Internet Protocol version six (IPv6) next generation. The IPv6 provides new features that fit the internet revolution. IPv6 is equipped with new protocols such as Neighbor Discovery Protocol (NDP) and Internet Control Messages protocol version six (ICMPv6). In fact, ICMPv6 is considered as the backbone of the IPv6 protocol since it is responsible for many key functions like the NDP process. In addition, the NDP protocol is a stateless protocol that gives the lack of authentication to NDP messages, which is vulnerable to many types of attacks such as Distributed Denial of Services (DDoS) and Denial of Services (DoS) flooding attacks. In this type of attacks, the attacker sends an enormous volume of abnormal traffic to increase network congestion and break down the network. Under those circumstances, the first line of defense in a network has been supplemented by additional devices and tools that supervise the network activities and monitor the network traffic behaviors as well as to stop unauthorized intrusions. Overall, the aim of this review paper is to give pure thoughts about the IPv6 features and the most important related protocols like ICMPv6 protocol and NDP protocol. Also, this article discusses DDoS and DoS attack based on ICMPv6 protocol. Likewise, this article gives a comprehensive review of the IPv6 Intrusion Detection Systems based on DDoS & DoS attacks with their features and security limitations.