Neighbor discovery protocol anomaly-based detection system using neural network algorithm.
Saved in:
| Title: | Neighbor discovery protocol anomaly-based detection system using neural network algorithm. |
|---|---|
| Authors: | Saad, Redhwan M. A.1,2 (AUTHOR), Anbar, Mohammed2 (AUTHOR) anbar@usm.my, Manickam, Selvakumar2 (AUTHOR) selva@usm.my, Shaheen, Samir I.3 (AUTHOR), Hasbullah, Iznan H.2 (AUTHOR) |
| Source: | International Journal of Information Security. Jun2024, Vol. 23 Issue 3, p1787-1803. 17p. |
| Subjects: | Internet Engineering Task Force (Organization), Internet protocol version 6, Computer network traffic, Internet protocols, Algorithms, Internet protocol address, Denial of service attacks |
| Abstract: | The exponential increase in Internet-facing devices in the last decade has resulted in IP address exhaustion due to the limitations of the existing IPv4 address space. Therefore, the Internet Engineering Task Force engineered a new version of the Internet protocol known as Internet Protocol Version 6 (IPv6) to resolve the issue. However, IPv6 is highly dependent on the neighbor discovery protocol (NDP), which, unfortunately, has well-known vulnerabilities in its underlying messaging protocol, the Internet Control Message Protocol version 6. So, the NDP flaws leave the IPv6 network open to many security threats and attacks, including man-in-the-middle, spoofing, and denial-of-service attacks, which are the most annoying attack at the network layer. Unfortunately, one of the critical issues plaguing the existing anomaly-based detection system is the effectiveness of detecting NDP-based DDoS attacks, which requires urgent attention. This paper suggests a system to find network traffic patterns that are not normal that are caused by NDP-based attacks. It does this by teaching neural networks how to recognize network attack patterns using the backpropagation algorithm. The proposed system is a big step forward from where the field is now because it uses a complex neural network algorithm to create an NDP anomaly-based detection system. Using a real dataset to test the proposed system's performance shows that it can find NDP anomalies with a 99.95% success rate, a 99.92% precision rate, a 99.98% recall rate, an F1-Score of 99.98%, and a 0.040% false positive rate. Also, the proposed approach shows better results compared to other existing approaches. [ABSTRACT FROM AUTHOR] |
| Copyright of International Journal of Information Security is the property of Springer Nature and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.) | |
| Database: | Engineering Source |
| FullText | Links: – Type: pdflink Text: Availability: 0 |
|---|---|
| Header | DbId: egs DbLabel: Engineering Source An: 177464357 AccessLevel: 6 PubType: Academic Journal PubTypeId: academicJournal PreciseRelevancyScore: 0 |
| IllustrationInfo | |
| Items | – Name: Title Label: Title Group: Ti Data: Neighbor discovery protocol anomaly-based detection system using neural network algorithm. – Name: Author Label: Authors Group: Au Data: <searchLink fieldCode="AR" term="%22Saad%2C+Redhwan+M%2E+A%2E%22">Saad, Redhwan M. A.</searchLink><relatesTo>1,2</relatesTo> (AUTHOR)<br /><searchLink fieldCode="AR" term="%22Anbar%2C+Mohammed%22">Anbar, Mohammed</searchLink><relatesTo>2</relatesTo> (AUTHOR)<i> anbar@usm.my</i><br /><searchLink fieldCode="AR" term="%22Manickam%2C+Selvakumar%22">Manickam, Selvakumar</searchLink><relatesTo>2</relatesTo> (AUTHOR)<i> selva@usm.my</i><br /><searchLink fieldCode="AR" term="%22Shaheen%2C+Samir+I%2E%22">Shaheen, Samir I.</searchLink><relatesTo>3</relatesTo> (AUTHOR)<br /><searchLink fieldCode="AR" term="%22Hasbullah%2C+Iznan+H%2E%22">Hasbullah, Iznan H.</searchLink><relatesTo>2</relatesTo> (AUTHOR) – Name: TitleSource Label: Source Group: Src Data: <searchLink fieldCode="JN" term="%22International+Journal+of+Information+Security%22">International Journal of Information Security</searchLink>. Jun2024, Vol. 23 Issue 3, p1787-1803. 17p. – Name: Subject Label: Subjects Group: Su Data: <searchLink fieldCode="DE" term="%22Internet+Engineering+Task+Force+%28Organization%29%22">Internet Engineering Task Force (Organization)</searchLink><br /><searchLink fieldCode="DE" term="%22Internet+protocol+version+6%22">Internet protocol version 6</searchLink><br /><searchLink fieldCode="DE" term="%22Computer+network+traffic%22">Computer network traffic</searchLink><br /><searchLink fieldCode="DE" term="%22Internet+protocols%22">Internet protocols</searchLink><br /><searchLink fieldCode="DE" term="%22Algorithms%22">Algorithms</searchLink><br /><searchLink fieldCode="DE" term="%22Internet+protocol+address%22">Internet protocol address</searchLink><br /><searchLink fieldCode="DE" term="%22Denial+of+service+attacks%22">Denial of service attacks</searchLink> – Name: Abstract Label: Abstract Group: Ab Data: The exponential increase in Internet-facing devices in the last decade has resulted in IP address exhaustion due to the limitations of the existing IPv4 address space. Therefore, the Internet Engineering Task Force engineered a new version of the Internet protocol known as Internet Protocol Version 6 (IPv6) to resolve the issue. However, IPv6 is highly dependent on the neighbor discovery protocol (NDP), which, unfortunately, has well-known vulnerabilities in its underlying messaging protocol, the Internet Control Message Protocol version 6. So, the NDP flaws leave the IPv6 network open to many security threats and attacks, including man-in-the-middle, spoofing, and denial-of-service attacks, which are the most annoying attack at the network layer. Unfortunately, one of the critical issues plaguing the existing anomaly-based detection system is the effectiveness of detecting NDP-based DDoS attacks, which requires urgent attention. This paper suggests a system to find network traffic patterns that are not normal that are caused by NDP-based attacks. It does this by teaching neural networks how to recognize network attack patterns using the backpropagation algorithm. The proposed system is a big step forward from where the field is now because it uses a complex neural network algorithm to create an NDP anomaly-based detection system. Using a real dataset to test the proposed system's performance shows that it can find NDP anomalies with a 99.95% success rate, a 99.92% precision rate, a 99.98% recall rate, an F1-Score of 99.98%, and a 0.040% false positive rate. Also, the proposed approach shows better results compared to other existing approaches. [ABSTRACT FROM AUTHOR] – Name: AbstractSuppliedCopyright Label: Group: Ab Data: <i>Copyright of International Journal of Information Security is the property of Springer Nature and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract.</i> (Copyright applies to all Abstracts.) |
| PLink | https://search.ebscohost.com/login.aspx?direct=true&site=eds-live&db=egs&AN=177464357 |
| RecordInfo | BibRecord: BibEntity: Identifiers: – Type: doi Value: 10.1007/s10207-024-00815-1 Languages: – Code: eng Text: English PhysicalDescription: Pagination: PageCount: 17 StartPage: 1787 Subjects: – SubjectFull: Internet Engineering Task Force (Organization) Type: general – SubjectFull: Internet protocol version 6 Type: general – SubjectFull: Computer network traffic Type: general – SubjectFull: Internet protocols Type: general – SubjectFull: Algorithms Type: general – SubjectFull: Internet protocol address Type: general – SubjectFull: Denial of service attacks Type: general Titles: – TitleFull: Neighbor discovery protocol anomaly-based detection system using neural network algorithm. Type: main BibRelationships: HasContributorRelationships: – PersonEntity: Name: NameFull: Saad, Redhwan M. A. – PersonEntity: Name: NameFull: Anbar, Mohammed – PersonEntity: Name: NameFull: Manickam, Selvakumar – PersonEntity: Name: NameFull: Shaheen, Samir I. – PersonEntity: Name: NameFull: Hasbullah, Iznan H. IsPartOfRelationships: – BibEntity: Dates: – D: 01 M: 06 Text: Jun2024 Type: published Y: 2024 Identifiers: – Type: issn-print Value: 16155262 Numbering: – Type: volume Value: 23 – Type: issue Value: 3 Titles: – TitleFull: International Journal of Information Security Type: main |
| ResultId | 1 |