Feature Selection for Detecting ICMPv6-Based DDoS Attacks Using Binary Flower Pollination Algorithm |
| |
Authors: | Adnan Hasan Bdair Aighuraibawi Selvakumar Manickam Rosni Abdullah Zaid Abdi Alkareem Alyasseri Ayman Khallel Dilovan Asaad Zebari Hussam Mohammed Jasim Mazin Mohammed Abed Zainb Hussein Arif |
| |
Abstract: | Internet Protocol version 6 (IPv6) is the latest version of IP that goal to host 3.4 × 1038 unique IP addresses of devices in the network. IPv6 has introduced new features like Neighbour Discovery Protocol (NDP) and Address Auto-configuration Scheme. IPv6 needed several protocols like the Address Auto-configuration Scheme and Internet Control Message Protocol (ICMPv6). IPv6 is vulnerable to numerous attacks like Denial of Service (DoS) and Distributed Denial of Service (DDoS) which is one of the most dangerous attacks executed through ICMPv6 messages that impose security and financial implications. Therefore, an Intrusion Detection System (IDS) is a monitoring system of the security of a network that detects suspicious activities and deals with a massive amount of data comprised of repetitive and inappropriate features which affect the detection rate. A feature selection (FS) technique helps to reduce the computation time and complexity by selecting the optimum subset of features. This paper proposes a method for detecting DDoS flooding attacks (FA) based on ICMPv6 messages using a Binary Flower Pollination Algorithm (BFPA-FA). The proposed method (BFPA-FA) employs FS technology with a support vector machine (SVM) to identify the most relevant, influential features. Moreover, The ICMPv6-DDoS dataset was used to demonstrate the effectiveness of the proposed method through different attack scenarios. The results show that the proposed method BFPA-FA achieved the best accuracy rate (97.96%) for the ICMPv6 DDoS detection with a reduced number of features (9) to half the total (19) features. The proven proposed method BFPA-FA is effective in the ICMPv6 DDoS attacks via IDS. |
| |
Keywords: | IPv6 ICMPv6 DDoS feature selection flower pollination algorithm anomaly detection |
|
| 点击此处可从《计算机系统科学与工程》浏览原始摘要信息 |
|
点击此处可从《计算机系统科学与工程》下载全文 |