Brief of Intrusion Detection Systems in Detecting ICMPv6 Attacks

Conference paper in: Computational Science and Technology

Part of the book series: Lecture Notes in Electrical Engineering (LNEE, volume 603)

Abstract

Network security, amongst other security issues, essentially requires implementing Internet Protocol version 6 (IPv6). Cybercriminals are always hunting for methods and means to benefit unfairly from this new technology. IPv6 is an improved protocol because it has built-in security mechanisms compared to Internet Protocol version 4 (IPv4). However, IPv6 has similar susceptibilities, which are inherited from several features of IPv4. Another issue is that the new functionalities and procedures found in IPv6 depend on Internet Control Message Protocol version 6 (ICMPv6). A common vulnerability is the Denial of Service (DoS) attack. A combination of zombie hosts can form a Distributed Denial of Service (DDoS) attack. DoS and DDoS attacks often represent substantial hazards in today's Internet, as they can cause serious damage to organizations and disrupt Internet services. This research aims to provide a brief review of the latest studies and investigations into the detection of DoS and DDoS attacks that use ICMPv6 messages in IPv6 networks. Moreover, this work aims to introduce the proposed techniques that utilize the Intrusion Detection System (IDS) in an effort to combat cyber-attacks.

Acknowledgments

The authors would like to acknowledge the National Advanced IPv6 Centre (NAv6), Universiti Sains Malaysia (USM) for providing necessary facilities and support. The funding for this research was provided by Universiti Sains Malaysia (USM) and Iraq Airways Company (IA).

Author information

Corresponding author

Correspondence to Adnan Hasan Bdair.

Copyright information

© 2020 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Bdair, A.H., Abdullah, R., Manickam, S., Al-Ani, A.K. (2020). Brief of Intrusion Detection Systems in Detecting ICMPv6 Attacks. In: Alfred, R., Lim, Y., Haviluddin, H., On, C. (eds) Computational Science and Technology. Lecture Notes in Electrical Engineering, vol 603. Springer, Singapore. https://doi.org/10.1007/978-981-15-0058-9_20

  • DOI: https://doi.org/10.1007/978-981-15-0058-9_20

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-0057-2

  • Online ISBN: 978-981-15-0058-9

  • eBook Packages: Engineering, Engineering (R0)
