Article

A Machine Learning Approach to Detect Router Advertisement Flooding Attacks in Next-Generation IPv6 Networks

Details

Citation

Anbar M, Abdullah R, Al-Tamimi BN & Hussain A (2018) A Machine Learning Approach to Detect Router Advertisement Flooding Attacks in Next-Generation IPv6 Networks. Cognitive Computation, 10 (2), pp. 201-214. https://doi.org/10.1007/s12559-017-9519-8

Abstract
Router advertisement (RA) flooding attack aims to exhaust all node resources, such as CPU and memory, attached to routers on the same link. A biologically inspired machine learning-based approach is proposed in this study to detect RA flooding attacks. The proposed technique exploits information gain ratio (IGR) and principal component analysis (PCA) for feature selection and a support vector machine (SVM)-based predictor model, which can also detect input traffic anomaly. A real benchmark dataset obtained from National Advanced IPv6 Center of Excellence laboratory is used to evaluate the proposed technique. The evaluation process is conducted with two experiments. The first experiment investigates the effect of IGR and PCA feature selection methods to identify the most contributed features for the SVM training model. The second experiment evaluates the capability of SVM to detect RA flooding attacks. The results show that the proposed technique demonstrates excellent detection accuracy and is thus an effective choice for detecting RA flooding attacks. The main contribution of this study is identification of a set of new features that are related to RA flooding attack by utilizing IGR and PCA algorithms. The proposed technique in this paper can effectively detect the presence of RA flooding attack in IPv6 network.

Keywords
RA flooding attack; Network security; IGR; PCA; SVM; IPv6 security

Journal
Cognitive Computation: Volume 10, Issue 2

StatusPublished
FundersEngineering and Physical Sciences Research Council
Publication date30/04/2018
Publication date online23/10/2017
Date accepted by journal10/10/2017
URLhttp://hdl.handle.net/1893/26343
PublisherSpringer
ISSN1866-9956
eISSN1866-9964

Files (1)