Advertisement

Implementation of Hybrid Artificial Intelligence Technique to Detect Covert Channels Attack in New Generation Internet Protocol IPv6

Conference paper
Part of the Springer Proceedings in Business and Economics book series (SPBE)

Abstract

Intrusion detection systems offer monolithic way to detect attacks through monitoring, searching for abnormal characteristics, and malicious behavior in network communications. Cyber-attack is performed through using covert channel which currently is one of the most sophisticated challenges facing network security systems. Covert channel is used to ex/infiltrate classified information from legitimate targets; consequently, this manipulation violates network security policy and privacy. The New Generation Internet Protocol version 6 (IPv6) has certain security vulnerabilities and need to be addressed using further advanced techniques. Fuzzy rule is implemented to classify different network attacks as an advanced machine learning technique, meanwhile, Genetic algorithm is considered as an optimization technique to obtain the ideal fuzzy rule. This paper suggests a novel hybrid covert channel detection system implementing two Artificial Intelligence (AI) techniques, Fuzzy Logic and Genetic Algorithm (FLGA), to gain sufficient and optimal detection rule against covert channel. Our approach counters sophisticated network unknown attacks through an advanced analysis of deep packet inspection. Results of our suggested system offer high detection rate of 97.7 % and a better performance in comparison to previous tested techniques.

Keywords

Cyber-attack Covert channel ICMPv6 IPv6 Fuzzy genetic algorithm (FGA) AI 

References

  1. Bahaman, N., Anton Satria, P., & Mas’ud, Z. (2011). Implementation of IPv6 network testbed: Intrusion detection system on transition mechanism. Journal of Applied Sciences, 11(1), 118–124.CrossRefGoogle Scholar
  2. Chen, S. H., Jakeman, A. J., & Norton, J. P. (2008). Artificial intelligence techniques: An introduction to their use for modelling environmental systems. Mathematics and Computers in Simulation, 78(2), 379–400.CrossRefGoogle Scholar
  3. Choudhary, A. R. (2009, November). In-depth analysis of IPv6 security posture. In 2009 5th International Conference on Collaborative Computing: Networking, Applications and Worksharing.Google Scholar
  4. Fries, T. P. (2008, July). A fuzzy-genetic approach to network intrusion detection. In Proceedings of the 10th Annual Conference Companion on Genetic and Evolutionary Computation (pp. 2141–2146). ACM.Google Scholar
  5. Gomez, J., & Dasgupta, D. (2002, June). Evolving fuzzy classifiers for intrusion detection. In Proceedings of the 2002 IEEE Workshop on Information Assurance (Vol. 6, No. 3, pp. 321–323). New York: IEEE Computer Press.Google Scholar
  6. Hauser, M. (2013). IPv6 security vulnerabilities. Retrieved February 10, 2016, from https://www.thc.org/thc-ipv6
  7. Hoque, M. S., Mukit, M., Bikas, M., & Naser, A. (2012). An implementation of intrusion detection system using genetic algorithm. ArXiv preprint arXiv: 1204.1336.Google Scholar
  8. Jongsuebsuk, P., Wattanapongsakorn, N., & Charnsripinyo, C. (2013, January). Network intrusion detection with Fuzzy Genetic Algorithm for unknown attacks. In 2013 International Conference on Information Networking (ICOIN) (pp. 1–5). IEEE.Google Scholar
  9. Liu, Z., & Lai, Y. (2009). A data mining framework for building intrusion detection models based on IPv6. In Advances in information security and assurance (pp. 608–618). Berlin: Springer.Google Scholar
  10. Mahoney, M. V., & Chan, P. K. (2003, September). An analysis of the 1999 DARPA/Lincoln Laboratory evaluation data for network anomaly detection. In Recent advances in intrusion detection (pp. 220–237). Berlin: Springer.Google Scholar
  11. Martin, C. E., & Dunn, J. H. (2007, October). Internet Protocol version 6 (IPv6) protocol security assessment. In Military Communications Conference, 2007, MILCOM 2007, IEEE (pp. 1–7). IEEE.Google Scholar
  12. Saad, R. M. A., Manickam, S., & Ramadass, S. (2013) Intrusion detection system in IPv6 network based on data mining techniques—Survey. In Proceedings of 2nd International Conference on Advances in Computer and Information Technology ACIT 2013, Malaysia.Google Scholar
  13. Salih, A., Ma, X., & Peytchev, E. (2015a). Detection and classification of covert channels in IPv6 using enhanced machine learning. In Proceedings of the International Conference on Computer Technology and Information Systems, (ICCTIS) N & N Global Technology DUBAI, UAE.Google Scholar
  14. Salih, A., Ma, X., & Peytchev, E. (2015b). New intelligent heuristic algorithm to mitigate security vulnerabilities in IPv6. International Journal for Information Security (IJIS), 4. doi: 04.IJIS.2015.1.3.Google Scholar
  15. Sohn, T., Seo, J., & Moon, J. (2003, October). A study on the covert channel detection of TCP/IP header using support vector machine. In ICICS (pp. 313–324).Google Scholar
  16. Supriyanto, Hasbullah, I. H., Murugesan, R. K., & Ramadass, S. (2013). Survey of internet protocol version 6 link local communication security vulnerability and mitigation methods. IETE Technical Review, 30(1), 64–71.Google Scholar
  17. Tavallaee, M., Bagheri, E., Lu, W., & Ghorbani, A. A. (2009). A detailed analysis of the KDD CUP 99 data set. In Proceedings of the Second IEEE Symposium on Computational Intelligence for Security and Defense Applications 2009.Google Scholar
  18. Vivek, T. K., & Kalimuthu, M. (2014, March). Improving intrusion detection method for covert channel in TCP/IP network. International Journal of Computer Science Trends and Technology (IJCST), 2(2).Google Scholar
  19. Wendzel, S., Zander, S., Fechner, B., & Herdin, C. (2015). Pattern-based survey and categorization of network covert channel techniques. ACM Computing Surveys (CSUR), 47(3), 50.CrossRefGoogle Scholar
  20. Zander, S., Armitage, G., & Branch, P. (2006, December). Covert channels in the IP time to live field. In Proceedings of Australian Telecommunication Networks and Applications Conference (ATNAC).Google Scholar

Copyright information

© Springer International Publishing Switzerland 2017

Authors and Affiliations

  1. 1.Nottingham Trent UniversityNottinghamUK

Personalised recommendations