Omar E. Elejla, B. Belaton, Mohammed Anbar, Issa M. Smadi
{"title":"A New Set of Features for Detecting Router Advertisement Flooding Attacks","authors":"Omar E. Elejla, B. Belaton, Mohammed Anbar, Issa M. Smadi","doi":"10.1109/PICICT.2017.19","DOIUrl":null,"url":null,"abstract":"ICMPv6 is vulnerable to a set of attacks that contributes to preventing IPv6 from being trusted for full implementations on today's networks. One of these attacks is Router Advertisement (RA) flooding attack by sending a huge traffic toward a victim to consume its resources and stop its services. To detect these attacks, classification processes are applied based on a set of features used to represent the network traffic. This paper proposes a set of representative features depends on a suitable formation of data using a flow representation of the traffic. The proposed features and representation have achieved an acceptable detection ability of the RA flooding attacks using several classification techniques. Moreover, the achieved detection ability might be further improved by extracting more representative features or selecting a subset of them to represent the traffic.","PeriodicalId":259869,"journal":{"name":"2017 Palestinian International Conference on Information and Communication Technology (PICICT)","volume":"17 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 Palestinian International Conference on Information and Communication Technology (PICICT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PICICT.2017.19","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 9
Abstract
ICMPv6 is vulnerable to a set of attacks that contributes to preventing IPv6 from being trusted for full implementations on today's networks. One of these attacks is Router Advertisement (RA) flooding attack by sending a huge traffic toward a victim to consume its resources and stop its services. To detect these attacks, classification processes are applied based on a set of features used to represent the network traffic. This paper proposes a set of representative features depends on a suitable formation of data using a flow representation of the traffic. The proposed features and representation have achieved an acceptable detection ability of the RA flooding attacks using several classification techniques. Moreover, the achieved detection ability might be further improved by extracting more representative features or selecting a subset of them to represent the traffic.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
