An Intelligent ICMPv6 DDoS Flooding-Attack Detection Framework (v6IIDS) using Back-Propagation Neural Network

Saad, Redhwan M. A.; Anbar, Mohammed; Manickam, Selvakumar; Alomari, Esraa

doi:10.1080/02564602.2015.1098576

Cited by 33 publications

(24 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…More so, the tools used in carrying out this form of attack are very easily obtainable, in fact a compromised machine used to send packets to victim might not be aware that it is being compromised, which makes the attacks quite frequent. Maintaining a simple structure of many-to-one features as depicted in Figure 1, DDoS attacks are complex to detect or resolve and can wreck a terrible impact on attacked network or device as attackers remain hidden through the usage of IP spoofing while executing this deadly attack [12].…”

Section: A Distributed Denial Of Service Attackmentioning

confidence: 99%

“…The Neighbour Discovery Protocol is a network layer protocol that enables communication on local links. It carries out its functions solely depending on ICMPv6 by making use of five different types of ICMPv6 informational messages, sent by nodes and routers [12]. A typical task of NDP is to facilitate the auto generation of the IPv6 address for a node, often referred to as "Plug and Play" and also to enable the exchange of NDP messages between nodes [12].…”

Section: ) Neighbour Discovery Protocol (Ndp)mentioning

confidence: 99%

See 1 more Smart Citation

Locally weighted classifiers for detection of neighbor discovery protocol distributed denial‐of‐service and replayed attacks

Alsadhan

Hussain

Liatsis

et al. 2019

Trans Emerging Tel Tech

View full text Add to dashboard Cite

show abstract

Section: A Distributed Denial Of Service Attackmentioning

confidence: 99%

Section: ) Neighbour Discovery Protocol (Ndp)mentioning

confidence: 99%

Locally weighted classifiers for detection of neighbor discovery protocol distributed denial‐of‐service and replayed attacks

Alsadhan

Hussain

Liatsis

et al. 2019

Trans Emerging Tel Tech

View full text Add to dashboard Cite

show abstract

“…In order to acquire access of the internal network, the attackers may utilize malware. Saad et al (2015) mentioned that a research, which included respondents from 130 organizations, was held in 2012 for the purpose of recognizing the security concerns of organizations like those related to internal IPv6 networks. In accordance with 70% of the respondent, we came to know that DoS attacks were amongst their IPv6 security concerns.…”

Section: Dos Attacks On Internal Networkmentioning

confidence: 99%

Impacts Evaluation of DoS Attacks Over IPv6 Neighbor Discovery Protocol

Ahmed

Hassan

Othman

et al. 2019

Journal of Computer Science

View full text Add to dashboard Cite

The Neighbor Discovery Protocol (NDP) is one of the main protocols in the Internet Protocol version 6 (IPv6) suite. It provides many basic functions for the normal operations of IPv6 in a Local Area Network (LAN), such as address auto-configuration and address resolution. However, NDP has several vulnerabilities that can be used by malicious nodes to launch attacks, because NDP messages are easily spoofed. Surrounding this problem many solutions have been proposed for securing NDP but these solutions either proposed new protocols that need to be supported by all nodes or built mechanisms that require the cooperation of all nodes. In this paper we overview NDP vulnerabilities and available solutions to overcome their impacts on IPv6 network. In addition a research test bed setup to implement these vulnerabilities was introduced. Moreover attacks that prove these vulnerabilities are implemented on different types of operating systems, Windows and Linux platforms. Three network metrics throughput, delay and resources consumption have been chosen to investigate, analyze and evaluate the impacts of NDP related attacks on IPv6 link-local communication. Overall, the results had shown that performance of Linux based operating system is better than Windows based operating system.

show abstract

“…The malicious node uses a spoofed message stating that it has the address in answer to every DAD attempt. Consequently, the victim will fail to access the network or configure an IP address because every attempt to generate a new valid IPv6 will not pass the address collision check successfully [16].…”

Section: ) Redirectmentioning

confidence: 99%

Denial of Service Attack over Secure Neighbor Discovery (SeND)

Ahmed¹,

Hassan²,

Othman³

2018

Int. J. Adv. Sci. Eng. Inf. Technol.

View full text Add to dashboard Cite

IPv6, the Internet Protocol suite version 6, uses a Neighbor Discovery Protocol (NDP). NDP mainly replaces router discovery and the Address Resolution Protocol (ARP) and after that redirects the functions used in IPv4, i.e. the Internet Protocol suite version 4. The NDP system is a stateless protocol since it does not need the dynamic host's configuration protocol server to enable the various IPv6 nodes for determining the connected hosts along with the IPv6 network routers. To add layers of protection to NDP, the SeND (Secure Neighbor Discovery) extension was developed, which provides router authorization, proof of address ownership, and message protection for the protocol. SeND employs CGAs (Cryptographically Generated Addresses) and X.509 certificates. Despite its many advantages, deploying SeND is not easy, and it is still vulnerable to specific DoS (Denial-of-Service) attacks. The components of SeND and its responses to NDP threats are further elaborated in this paper. Also, an overview of the implementation of SeND, its limitations, existing vulnerabilities, and current deployment challenges are also presented. Furthermore, to test the performance of SeND under a DoS attack, a test bed was implemented, and the results discussed.

show abstract

An Intelligent ICMPv6 DDoS Flooding-Attack Detection Framework (v6IIDS) using Back-Propagation Neural Network

Cited by 33 publications

References 9 publications

Locally weighted classifiers for detection of neighbor discovery protocol distributed denial‐of‐service and replayed attacks

Locally weighted classifiers for detection of neighbor discovery protocol distributed denial‐of‐service and replayed attacks

Impacts Evaluation of DoS Attacks Over IPv6 Neighbor Discovery Protocol

Denial of Service Attack over Secure Neighbor Discovery (SeND)

Contact Info

Product

Resources

About