Labelled Dataset on Distributed Denial-of-Service (DDoS) Attacks Based on Internet Control Message Protocol Version 6 (ICMPv6)

Manickam, Selvakumar; AIghuraibawi, Adnan Hasan Bdair; Abdullah, Rosni; Alyasseri, Zaid Abdi Alkareem; Abdulkareem, Karrar Hameed; Mohammed, Mazin Abed; Al-Ani, Ayman

doi:10.1155/2022/8060333

Cited by 12 publications

(4 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The cited references were using a similar tool to generate the intrusions, but different in the terms of detection model. Figure 5 showed the comparison between this agent's accuracy with the model from the article [27]. Based on the result of Figure 5, this study compared several algorithms like support vector machine (SVM), naive Bayes (NB), decision tree (DT), k-nearest neighbor (KNN), neural network (NN), and epsilon greedy optimized Q learning (EG-QL).…”

Section: Resultsmentioning

confidence: 99%

IPv6 flood attack detection based on epsilon greedy optimized Q learning in single board computer

Daru

Hartomo

Purnomo

2023

IJECE

View full text Add to dashboard Cite

<span lang="EN-US">Internet of things is a technology that allows communication between devices within a network. Since this technology depends on a network to communicate, the vulnerability of the exposed devices increased significantly. Furthermore, the use of internet protocol version 6 (IPv6) as the successor to internet protocol version 4 (IPv4) as a communication protocol constituted a significant problem for the network. Hence, this protocol was exploitable for flooding attacks in the IPv6 network. As a countermeasure against the flood, this study designed an IPv6 flood attack detection by using epsilon greedy optimized Q learning algorithm. According to the evaluation, the agent with epsilon 0.1 could reach 98% of accuracy and 11,550 rewards compared to the other agents. When compared to control models, the agent is also the most accurate compared to other algorithms followed by neural network (NN), K-nearest neighbors (KNN), decision tree (DT), naive Bayes (NB), and support vector machine (SVM). Besides that, the agent used more than 99% of a single central processing unit (CPU). Hence, the agent will not hinder internet of things (IoT) devices with multiple processors. Thus, we concluded that the proposed agent has high accuracy and feasibility in a single board computer (SBC).</span>

show abstract

Section: Resultsmentioning

confidence: 99%

IPv6 flood attack detection based on epsilon greedy optimized Q learning in single board computer

Daru

Hartomo

Purnomo

2023

IJECE

View full text Add to dashboard Cite

show abstract

“…This method can handle data features that are linearly and nonlinearly dependent. In [22], Manickam et al created a comprehensive ICMPv6-DDoS attack dataset to detect ICMPv6-DDoS attacks. They tested the dataset on five machine learning models, and the suggested dataset accurately represented attack traffic, with a high detection accuracy and low false-positive rate.…”

Section: Related Workmentioning

confidence: 99%

Intrusion Detection Based on Bidirectional Long Short-Term Memory with Attention Mechanism

Yang¹,

Tu²,

Ali³

et al. 2023

Computers, Materials &Amp; Continua

View full text Add to dashboard Cite

With the recent developments in the Internet of Things (IoT), the amount of data collected has expanded tremendously, resulting in a higher demand for data storage, computational capacity, and real-time processing capabilities. Cloud computing has traditionally played an important role in establishing IoT. However, fog computing has recently emerged as a new field complementing cloud computing due to its enhanced mobility, location awareness, heterogeneity, scalability, low latency, and geographic distribution. However, IoT networks are vulnerable to unwanted assaults because of their open and shared nature. As a result, various fog computing-based security models that protect IoT networks have been developed. A distributed architecture based on an intrusion detection system (IDS) ensures that a dynamic, scalable IoT environment with the ability to disperse centralized tasks to local fog nodes and which successfully detects advanced malicious threats is available. In this study, we examined the time-related aspects of network traffic data. We presented an intrusion detection model based on a twolayered bidirectional long short-term memory (Bi-LSTM) with an attention mechanism for traffic data classification verified on the UNSW-NB15 benchmark dataset. We showed that the suggested model outperformed numerous leading-edge Network IDS that used machine learning models in terms of accuracy, precision, recall and F1 score.

show abstract

“…A dataset must include both normal and abnormal traffic data representing diverse scenarios, as well as all important and relevant features labelled. Therefore, [22] the dataset that contains the ICMPv6 DDoS attacker will be used…”

Section: Intrusion Detection System (Ids) For Icmpv6mentioning

confidence: 99%

“…• The proposed method employs a wrapper method in features selection technology to generate optimal subset features for detecting ICMPv6 flooding attacks, with the Support Vector Machine (SVM) used for evaluation. • Experiments were carried out to evaluate the performance of the proposed method, which is demonstrated by using datasets generated in a NAv6 laboratory [22].…”

Section: Introductionmentioning

confidence: 99%

Feature Selection for Detecting ICMPv6-Based DDoS Attacks Using Binary Flower Pollination Algorithm

Hasan Bdair Aighuraibawi,

Manickam,

Abdullah

et al. 2023

Computer Systems Science and Engineering

View full text Add to dashboard Cite

Internet Protocol version 6 (IPv6) is the latest version of IP that goal to host 3.4 × 10 38 unique IP addresses of devices in the network. IPv6 has introduced new features like Neighbour Discovery Protocol (NDP) and Address Auto-configuration Scheme. IPv6 needed several protocols like the Address Auto-configuration Scheme and Internet Control Message Protocol (ICMPv6). IPv6 is vulnerable to numerous attacks like Denial of Service (DoS) and Distributed Denial of Service (DDoS) which is one of the most dangerous attacks executed through ICMPv6 messages that impose security and financial implications. Therefore, an Intrusion Detection System (IDS) is a monitoring system of the security of a network that detects suspicious activities and deals with a massive amount of data comprised of repetitive and inappropriate features which affect the detection rate. A feature selection (FS) technique helps to reduce the computation time and complexity by selecting the optimum subset of features. This paper proposes a method for detecting DDoS flooding attacks (FA) based on ICMPv6 messages using a Binary Flower Pollination Algorithm (BFPA-FA). The proposed method (BFPA-FA) employs FS technology with a support vector machine (SVM) to identify the most relevant, influential features. Moreover, The ICMPv6-DDoS dataset was used to demonstrate the effectiveness of the proposed method through different attack scenarios. The results show that the proposed method BFPA-FA achieved the best accuracy rate (97.96%) for the ICMPv6 DDoS detection with a reduced number of features (9) to half the total (19) features. The proven proposed method BFPA-FA is effective in the ICMPv6 DDoS attacks via IDS.

show abstract

Labelled Dataset on Distributed Denial-of-Service (DDoS) Attacks Based on Internet Control Message Protocol Version 6 (ICMPv6)

Cited by 12 publications

References 29 publications

IPv6 flood attack detection based on epsilon greedy optimized Q learning in single board computer

IPv6 flood attack detection based on epsilon greedy optimized Q learning in single board computer

Intrusion Detection Based on Bidirectional Long Short-Term Memory with Attention Mechanism

Feature Selection for Detecting ICMPv6-Based DDoS Attacks Using Binary Flower Pollination Algorithm

Contact Info

Product

Resources

About