IPv6 Neighbor Discovery Protocol Specifications, Threats and Countermeasures: A Survey

Neighbor discovery protocol (NDP) is the core protocol of Internet protocol version 6 (IPv6) suite. The motive behind NDP is to replace address resolution protocol (ARP), router discovery, and redirect functions in Internet protocol version 4. NDP is known as the stateless protocol as it is utilized by the IPv6 nodes to determine joined hosts as well as routers in an IPv6 network without the need of dynamic host configuration protocol server. NDP is susceptible to attacks due to the deficiency in its authentication process. Securing NDP is extremely crucial as the Internet is prevalent nowadays and it is widely used in communal areas, for instance, airports, where trust does not exist among the users. A malicious host is able to expose denial of service or man-in-the-middle attacks by injecting spoofed address in NDP messages. With the intention to protect the NDP many solutions were proposed by researchers. However, these solutions either introduced new protocols that need to be supported by all nodes or built mechanisms that require the cooperation of all nodes. Moreover, some solutions are deviating from the layering principals of open system interconnection model. Therefore, the necessity to study NDP in details to recognize and identify the points that could be a source of enhancement has become mandatory task. This article revolves around the survey of the vulnerabilities mitigations approaches of NDP, since the time of the protocol development up to the date of finalized this paper. We described the technical specifications of NDP showing its components, functions, and working procedures. In addition, each threat of NDP is classified and explained in details. Open challenges of NDP and recommended future directions for scientific research are presented at the end of this paper.