一组检测路由器通告泛洪攻击的新特征

2017 Palestinian International Conference on Information and Communication Technology (PICICT) Pub Date : 2017-05-08 DOI:10.1109/PICICT.2017.19

Omar E. Elejla, B. Belaton, Mohammed Anbar, Issa M. Smadi

{"title":"一组检测路由器通告泛洪攻击的新特征","authors":"Omar E. Elejla, B. Belaton, Mohammed Anbar, Issa M. Smadi","doi":"10.1109/PICICT.2017.19","DOIUrl":null,"url":null,"abstract":"ICMPv6 is vulnerable to a set of attacks that contributes to preventing IPv6 from being trusted for full implementations on today's networks. One of these attacks is Router Advertisement (RA) flooding attack by sending a huge traffic toward a victim to consume its resources and stop its services. To detect these attacks, classification processes are applied based on a set of features used to represent the network traffic. This paper proposes a set of representative features depends on a suitable formation of data using a flow representation of the traffic. The proposed features and representation have achieved an acceptable detection ability of the RA flooding attacks using several classification techniques. Moreover, the achieved detection ability might be further improved by extracting more representative features or selecting a subset of them to represent the traffic.","PeriodicalId":259869,"journal":{"name":"2017 Palestinian International Conference on Information and Communication Technology (PICICT)","volume":"17 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"A New Set of Features for Detecting Router Advertisement Flooding Attacks\",\"authors\":\"Omar E. Elejla, B. Belaton, Mohammed Anbar, Issa M. Smadi\",\"doi\":\"10.1109/PICICT.2017.19\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"ICMPv6 is vulnerable to a set of attacks that contributes to preventing IPv6 from being trusted for full implementations on today's networks. One of these attacks is Router Advertisement (RA) flooding attack by sending a huge traffic toward a victim to consume its resources and stop its services. To detect these attacks, classification processes are applied based on a set of features used to represent the network traffic. This paper proposes a set of representative features depends on a suitable formation of data using a flow representation of the traffic. The proposed features and representation have achieved an acceptable detection ability of the RA flooding attacks using several classification techniques. Moreover, the achieved detection ability might be further improved by extracting more representative features or selecting a subset of them to represent the traffic.\",\"PeriodicalId\":259869,\"journal\":{\"name\":\"2017 Palestinian International Conference on Information and Communication Technology (PICICT)\",\"volume\":\"17 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-05-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 Palestinian International Conference on Information and Communication Technology (PICICT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/PICICT.2017.19\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 Palestinian International Conference on Information and Communication Technology (PICICT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PICICT.2017.19","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 9

摘要

ICMPv6容易受到一系列攻击的攻击，这些攻击有助于防止IPv6在当今网络上完全实现。其中一种攻击是RA (Router Advertisement)泛洪攻击，通过向受害者发送大量流量来消耗其资源并停止其服务。为了检测这些攻击，基于一组用于表示网络流量的特征应用了分类过程。本文提出了一组具有代表性的特征，这些特征依赖于使用流量表示的合适的数据形式。采用多种分类技术，所提出的特征和表示实现了对RA泛洪攻击可接受的检测能力。此外，通过提取更多具有代表性的特征或选择其中的一个子集来表示流量，可以进一步提高所实现的检测能力。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A New Set of Features for Detecting Router Advertisement Flooding Attacks

ICMPv6 is vulnerable to a set of attacks that contributes to preventing IPv6 from being trusted for full implementations on today's networks. One of these attacks is Router Advertisement (RA) flooding attack by sending a huge traffic toward a victim to consume its resources and stop its services. To detect these attacks, classification processes are applied based on a set of features used to represent the network traffic. This paper proposes a set of representative features depends on a suitable formation of data using a flow representation of the traffic. The proposed features and representation have achieved an acceptable detection ability of the RA flooding attacks using several classification techniques. Moreover, the achieved detection ability might be further improved by extracting more representative features or selecting a subset of them to represent the traffic.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2017 Palestinian International Conference on Information and Communication Technology (PICICT)

自引率

0.00%

发文量