Overview of IPv6 Based DDoS and DoS Attacks Detection Mechanisms

Bahashwan, Abdullah Ahmed; Anbar, Mohammed; Hanshi, Sabri M.

doi:10.1007/978-981-15-2693-0_11

Cited by 11 publications

(7 citation statements)

References 35 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In addition, IPv6 is an OSImodel-compliant network protocol layer. For this reason, the IPv6 architecture is different from the IPv4 architecture in many ways, including how packet headers are formatted, the address range (32 bits for IPv4 and 128 bits for IPv6), and other characteristics, such as autoconfiguration and mobility [5,15]. Furthermore, IPv6 requires the mandatory Internet Protocol Security (IPSec) protocol, whereas IPv4 does not.…”

Section: Ipv6 Protocol Overviewmentioning

confidence: 99%

Deep-Learning-Based Approach to Detect ICMPv6 Flooding DDoS Attacks on IPv6 Networks

Elejla

Anbar

Hamouda³

et al. 2022

Applied Sciences

Self Cite

View full text Add to dashboard Cite

Internet Protocol version six (IPv6) is more secure than its forerunner, Internet Protocol version four (IPv4). IPv6 introduces several new protocols, such as the Internet Control Message Protocol version six (ICMPv6), an essential protocol to the IPv6 networks. However, it exposes IPv6 networks to some security threats since ICMPv6 messages are not verified or authenticated, and they are mandatory messages that cannot be blocked or disabled. One of the threats currently facing IPv6 networks is the exploitation of ICMPv6 messages by malicious actors to execute distributed denial of service (DDoS) attacks. Therefore, this paper proposes a deep-learning-based approach to detect ICMPv6 flooding DDoS attacks on IPv6 networks by introducing an ensemble feature selection technique that utilizes chi-square and information gain ratio methods to select significant features for attack detection with high accuracy. In addition, a long short-term memory (LSTM) is employed to train the detection model on the selected features. The proposed approach was evaluated using a synthetic dataset for false-positive rate (FPR), detection accuracy, F-measure, recall, and precision, achieving 0.55%, 98.41%, 98.39%, 97.3%, and 99.4%, respectively. Additionally, the results reveal that the proposed approach outperforms the existing approaches.

show abstract

Section: Ipv6 Protocol Overviewmentioning

confidence: 99%

Deep-Learning-Based Approach to Detect ICMPv6 Flooding DDoS Attacks on IPv6 Networks

Elejla

Anbar

Hamouda³

et al. 2022

Applied Sciences

Self Cite

View full text Add to dashboard Cite

show abstract

“…DoS/DDoS attack is a malicious attempt to prevent legitimate users from accessing online services or resources by incapacitating the server that provides the service or bringing down the network connectivity between users and the server [5]. DoS/DDoS attacks accomplish this by flooding the target with traffic or sending specifically crafted packets that trigger a crash.…”

Section: A) Denial Of Service/ Distributed Denial Of Service Attackmentioning

confidence: 99%

“…This research computes the percentage of quantitative metrics usage by a mechanism using Equation (5).…”

Section: Qualitative Metrics In Each Mechanismmentioning

confidence: 99%

Mathematical Approach as Qualitative Metrics of Distributed Denial of Service Attack Detection Mechanisms

et al. 2021

Self Cite

View full text Add to dashboard Cite

The distributed denial of service (DDoS) attack is one of the most destructive organized cyber-attacks against online services or computers on the network. Despite the existence of many mechanisms to detect DDoS attacks, the problem is still prevalent. This research dissected and analyzed twenty-two existing DDoS attack detection mechanisms, representing all types of DDoS attack defense approaches, to determine the reason for the persistent successful DDoS attacks. This research posits two hypotheses concerning this gap: First, a lack of mathematical function usage by the existing detection mechanisms. The few functions used are limited to logical, statistical, or probability functions, resulting in reduced detection effectiveness. Second, researchers unintentionally or inadvertently miscalculate the mechanisms' detection accuracy rate by partially using quantitative metrics. This research has three objectives; to propose a set of qualitative metrics based on mathematical functions, to measure the relationship between the quantitative and qualitative metrics in the DDoS attack detection mechanisms, and to prove the relationship between the genuineness of the existing mechanisms' detection accuracy, and full consideration of quantitative metrics and diversity of qualitative and metrics. The result revealed a correlation rate of 84.22 %, which reflects the correctness of the detection accuracy. Third, identifying the manipulation percentage of reported detection accuracy by employing the correlation rate complement. The result indicated that 15.78 % of the reviewed mechanisms had manipulated or inadvertently miscalculated the accuracy.

show abstract

“…However, the key drawback of the model is the sole detection of the ICMPv6 Echo-Request flooding attack [52]. Moreover, the size of the datasets of 2000 ICMPv6 Echo-Request packets cannot reflect the actual behavior of the DDoS attack [53].…”

Section: Consmentioning

confidence: 99%

ICMPv6-Based DoS and DDoS Attacks Detection Using Machine Learning Techniques, Open Challenges, and Blockchain Applicability: A Review

2020

Self Cite

View full text Add to dashboard Cite

Although the launch of Internet Protocol version six (IPv6) addressed the issue of IPv4's address depletion, but also mandated the use of Internet Control Message Protocol version six (ICMPv6) messages in newly introduced features such as the Neighbor Discovery Protocol (NDP). This has exacerbated existing network attacks including ICMPv6-based Denial of Service (DoS) attacks and its variant form Distributed Denial of Service (DDoS) attack. Intrusion Detection Systems (IDS) aimed at tackling security issues raised by ICMPv6-based DoS and DDoS attacks have been reviewed by researchers and a general classification of existing IDSs was proposed as anomaly-based and signature-based. However, it is incredibly hard to see the overall picture of IDSs based on Machine Learning (ML) techniques with such a classification, as there is a lack of a more detailed view of the ML approach, classifiers, feature selection techniques, datasets, and different evaluation metrics. Nevertheless, recent developments in this relatively new field have not been covered such as ML-based IDSs using flow-based traffic representation. Therefore, this paper specifically reviews and classifies IDSs based on ML techniques to detect ICMPv6-based DoS and DDoS attacks as single and hybrid classifiers. In addition, blockchain applicability in Collaborative IDS (CIDS) architecture based on the ensemble framework has been proposed as a solution to one of the open challenges for ICMPv6-based DoS and DDoS attacks detection problem. Moreover, this review also provides a classification of ICMPv6 vulnerabilities to DoS and DDoS attacks which would provide a reference resource for future researchers in this domain. To the best of the author's knowledge, this is the first review paper specifically focusing on IDSs based on ML techniques in this domain, as well as blockchain applicability as a possible research direction has been proposed to attract researcher's focus on building ensemble learning-based IDS models.

show abstract

Overview of IPv6 Based DDoS and DoS Attacks Detection Mechanisms

Cited by 11 publications

References 35 publications

Deep-Learning-Based Approach to Detect ICMPv6 Flooding DDoS Attacks on IPv6 Networks

Deep-Learning-Based Approach to Detect ICMPv6 Flooding DDoS Attacks on IPv6 Networks

Mathematical Approach as Qualitative Metrics of Distributed Denial of Service Attack Detection Mechanisms

ICMPv6-Based DoS and DDoS Attacks Detection Using Machine Learning Techniques, Open Challenges, and Blockchain Applicability: A Review

Contact Info

Product

Resources

About