Please use this identifier to cite or link to this item:
http://hdl.handle.net/1893/26343
Appears in Collections: | Computing Science and Mathematics Journal Articles |
Peer Review Status: | Refereed |
Title: | A Machine Learning Approach to Detect Router Advertisement Flooding Attacks in Next-Generation IPv6 Networks |
Author(s): | Anbar, Mohammed Abdullah, Rosni Al-Tamimi, Bassam Naji Hussain, Amir |
Contact Email: | ahu@cs.stir.ac.uk |
Keywords: | RA flooding attack Network security IGR PCA SVM IPv6 security |
Issue Date: | Apr-2018 |
Date Deposited: | 13-Dec-2017 |
Citation: | Anbar M, Abdullah R, Al-Tamimi BN & Hussain A (2018) A Machine Learning Approach to Detect Router Advertisement Flooding Attacks in Next-Generation IPv6 Networks. Cognitive Computation, 10 (2), pp. 201-214. https://doi.org/10.1007/s12559-017-9519-8 |
Abstract: | Router advertisement (RA) flooding attack aims to exhaust all node resources, such as CPU and memory, attached to routers on the same link. A biologically inspired machine learning-based approach is proposed in this study to detect RA flooding attacks. The proposed technique exploits information gain ratio (IGR) and principal component analysis (PCA) for feature selection and a support vector machine (SVM)-based predictor model, which can also detect input traffic anomaly. A real benchmark dataset obtained from National Advanced IPv6 Center of Excellence laboratory is used to evaluate the proposed technique. The evaluation process is conducted with two experiments. The first experiment investigates the effect of IGR and PCA feature selection methods to identify the most contributed features for the SVM training model. The second experiment evaluates the capability of SVM to detect RA flooding attacks. The results show that the proposed technique demonstrates excellent detection accuracy and is thus an effective choice for detecting RA flooding attacks. The main contribution of this study is identification of a set of new features that are related to RA flooding attack by utilizing IGR and PCA algorithms. The proposed technique in this paper can effectively detect the presence of RA flooding attack in IPv6 network. |
DOI Link: | 10.1007/s12559-017-9519-8 |
Rights: | This item has been embargoed for a period. During the embargo please use the Request a Copy feature at the foot of the Repository record to request a copy directly from the author. You can only request a copy if you wish to use this work for your own research or private study. This is a post-peer-review, pre-copyedit version of an article published in Cognitive Computation. The final authenticated version is available online at: http://dx.doi.org/10.1007/s12559-017-9519-8 |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
paper.pdf | Fulltext - Accepted Version | 801.6 kB | Adobe PDF | View/Open |
This item is protected by original copyright |
Items in the Repository are protected by copyright, with all rights reserved, unless otherwise indicated.
The metadata of the records in the Repository are available under the CC0 public domain dedication: No Rights Reserved https://creativecommons.org/publicdomain/zero/1.0/
If you believe that any material held in STORRE infringes copyright, please contact library@stir.ac.uk providing details and we will remove the Work from public display in STORRE and investigate your claim.