nach oben

Neural Computing and Applications

Erschienen in:

18.04.2017 | Original Article

Rule-based detection technique for ICMPv6 anomalous behaviour

verfasst von: Redhwan M. A. Saad, Mohammed Anbar, Selvakumar Manickam

Erschienen in: Neural Computing and Applications | Ausgabe 12/2018

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The rapid growth of the Internet in the past few years has revealed the limitation of address space in the current Internet Protocol (IP), namely IPv4. Essentially, the increasing demand and consumption of IP addresses have led to the anticipated exhaustion of IPv4 addresses. In order to address this concern, the Internet Protocol version 6 (IPv6) has been developed to provide a sufficient address space. IPv6 is shipped with a new protocol, namely, the neighbour discovery protocol (NDP) which has vulnerabilities that can be used by attackers to launch attacks on IPv6 networks. Such vulnerabilities include the lack of exchange message authentication of NDP. Attacks targeting ICMPv6 protocol display ICMPv6 anomalies. As such, this paper proposes a rule-based technique for detecting ICMPv6 anomalous behaviours that negatively affect the network performance. The effectiveness of this technique is demonstrated by using substantial datasets obtained from the National Advance IPv6 Centre of Excellence (NAv6) laboratory. The experimental results have proved that the proposed technique is capable of detecting ICMPv6 anomalous behaviour s with a detection accuracy rate of 92%.

Vorheriger Artikel Asymmetric ν-twin support vector regression

Nächster Artikel A hybrid machine learning and computing model for forecasting displacement of multifactor-induced landslides

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

El-Bakry HM, Mastorakis N (2008) A real-time intrusion detection algorithm for network security. WSEAS Transactions on Communications 7:1222–1228

Zeng Z (2010) Intrusion detection system of ipv6 based on protocol analysis. In Multimedia Technology (ICMT), 2010 International Conference on 1–4

Saad RM, Ramadass S, Manickam S (2013) A study on detecting ICMPv6 flooding attack based on IDS. Aust J Basic Appl Sci 7:175–181

S TechCenter (2013, 20 Sep.). Microsoft Security Bulletin Summary for August 2013. Available: https://technet.microsoft.com/en-us/library/security/ms13-aug.aspx

Frankel S and S Krishnan IP Security (IPsec) and Internet Key Exchange (IKE) Document Roadmap. RFC 6071 February 2011

Black D and Koning P Securing Block Storage Protocols over IP: RFC 3723 Requirements Update for IPsec v3. RFC 7146 April2014

Jara AJ, Fernandez D, Lopez P, Zamora MA, Skarmeta AF (2014) Lightweight MIPv6 with IPSec support. Mob Inf Syst 10:37–77

Rantos K, Papanikolaou A and Manifavas C (2013) IPsec over IEEE 802.15. 4 for low power and lossy networks. In Proceedings of the 11th ACM international symposium on Mobility management and wireless access 59–64

AlSa'deh A, Meinel C (2012) Secure neighbor discovery: review, challenges, perspectives, and recommendations. Security & Privacy IEEE 10:26–34CrossRef

10.

Gaeil A, Kiyoung K, Jongsoo J, and Yonghee J (2007) Analysis of SEND Protocol through Implementation and Simulation. In Convergence Information Technology. International Conference on 670–676

11.

Nikander EP, Kempf J, and Nordmark E IPv6 Neighbor Discovery (ND) Trust Models and Threats. Internet Engineering Task Force2004

12.

Saad RMA, Anbar M, Manickam S, Alomari E (2016) An intelligent ICMPv6 DDoS flooding-attack detection framework (v6IIDS) using back-propagation neural network. IETE Tech Rev 33:244–255CrossRef

13.

Rafiee H, Alsa'deh A, and Meinel C (2012) Multicore-based auto-scaling SEcure Neighbor Discovery for Windows operating systems. In Information Networking (ICOIN), International Conference on 269–274

14.

Patcha A, Park J-M (2007) An overview of anomaly detection techniques: existing solutions and latest technological trends. Comput Netw 51:3448–3470CrossRef

15.

Roesch M (2014) Snort, intrusion detection system

16.

Garcia-Teodoro P, Diaz-Verdejo J, Maciá-Fernández G, Vázquez E (2009) Anomaly-based network intrusion detection: techniques, systems and challenges. Computers & Security 28:18–28CrossRef

17.

Wu SX, Banzhaf W (2010) The use of computational intelligence in intrusion detection systems: a review. Appl Soft Comput 10:1–35CrossRef

18.

Jyothsna V, Prasad VR, Prasad KM (2011) A review of anomaly based intrusion detection systems. International Journal of Computer Applications 28:26–35CrossRef

19.

Abouabdalla O, El-Taj H, Manasrah A, and Ramadass S (2009) False positive reduction in intrusion detection system: A survey. In Broadband Network & Multimedia Technology. IC-BNMT'09. 2nd IEEE International Conference on, 2009 463–466

20.

Mitra A, Najjar W, and Bhuyan L (2007) Compiling pcre to fpga for accelerating Snort IDS. In Proceedings of the 3rd ACM/IEEE Symposium on Architecture for networking and communications systems 127–136

21.

Ektefa M, Memar S, Sidi F, and Affendey LS (2010) Intrusion detection using data mining techniques. In Information Retrieval & Knowledge Management, (CAMP), International Conference on 2010 200–203

22.

McAfee Denial-of-Service (DoS) Prevention Techniques (2013) McAfee, Inc. Network Security Platfor

23.

Das D, Sharma U, and Bhattacharyya D (2011) Detection of HTTP flooding attacks in multiple scenarios. In Proceedings of the 2011 International Conference on Communication, Computing & Security 517–522

24.

Raghavan S and Dawson E (2011) An Investigation Into the Detection and Mitigation of Denial of Service (DoS) Attacks: Critical Information Infrastructure Protection: Springer Science & Business Media

25.

THC (2015) THC-IPv6 Attack Toolkit. Available: https://www.thc.org/thc-ipv6/

26.

Saad RM, Manickam S, AlomariI E, Anbar M, and Singh P (2014) Design & deployment of testbed based on icmpv6 flooding attack. Journal of Theoretical & Applied Information Technology 64

27.

Tang H, Cao Z (2009) Machine learning-based intrusion detection algorithms. Journal of Computational Information Systems 5:1825–1831

28.

Osareh A, Shadgar B (2008) Intrusion detection in computer networks based on machine learning algorithms. Int J Comput Sci Netw Secur (IJCSNS) 8:15–23

Titel: Rule-based detection technique for ICMPv6 anomalous behaviour
verfasst von: Redhwan M. A. Saad
Mohammed Anbar
Selvakumar Manickam
Publikationsdatum: 18.04.2017
Verlag: Springer London
Erschienen in: Neural Computing and Applications / Ausgabe 12/2018
Print ISSN: 0941-0643
Elektronische ISSN: 1433-3058
DOI: https://doi.org/10.1007/s00521-017-2967-y

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Weitere Artikel der Ausgabe 12/2018

A genetic algorithm-based search space splitting pattern and its application in hydraulic and coastal engineering problems

Design of planar concentric circular antenna arrays with reduced side lobe level using symbiotic organisms search

Face recognition based on an improved center symmetric local binary pattern

Crop suitability prediction in Vellore District using rough set on fuzzy approximation space and neural network

Unsupervised on-line method to diagnose unbalanced voltage in three-phase induction motor

A hybrid machine learning and computing model for forecasting displacement of multifactor-induced landslides