Open Access

ARTICLE

Feature Selection for Detecting ICMPv6-Based DDoS Attacks Using Binary Flower Pollination Algorithm

Adnan Hasan Bdair Aighuraibawi^1,2, Selvakumar Manickam^1,*, Rosni Abdullah³, Zaid Abdi Alkareem Alyasseri^4,5, Ayman Khallel⁶, Dilovan Asaad Zebari⁹, Hussam Mohammed Jasim⁷, Mazin Mohammed Abed⁸, Zainb Hussein Arif⁷

1 National Advanced IPv6 Centre (NAv6), Universiti Sains Malaysia, Penang, 11800, Malaysia
2 Baghdad College of Economic Sciences University, Baghdad, Iraq
3 School of Computer Sciences, Universiti Sains Malays, Penang, 11800, Malaysia
4 Information Technology Research and Development Center, University of Kufa, Najaf, Iraq
5 College of Engineering, University of Warith Al-Anbiyaa, Karbala, Iraq
6 Faculty of Computing and Informatics, Universiti Malaysia Sabah, Sabah, Malaysia
7 Business Administration, College of Administration and Financial Sciences, Imam Ja’afar Al-Sadiq University, Baghdad, 10001, Iraq
8 College of Computer Science and Information Technology, University of Anbar, Ramadi Anbar, Iraq
9 Department of Computer Science, College of Science, Nawroz University, Duhok, 42001, Kurdistan Region, Iraq

* Corresponding Author: Selvakumar Manickam. Email:

(This article belongs to this Special Issue: Role of Big Data Management, Machine Learning, and Deep Learning Techniques for Ubiquitous Computing)

Computer Systems Science and Engineering 2023, 47(1), 553-574. https://doi.org/10.32604/csse.2023.037948

Received 22 November 2022; Accepted 10 March 2023; Issue published 26 May 2023

Abstract

Internet Protocol version 6 (IPv6) is the latest version of IP that goal to host 3.4 × 10³⁸ unique IP addresses of devices in the network. IPv6 has introduced new features like Neighbour Discovery Protocol (NDP) and Address Auto-configuration Scheme. IPv6 needed several protocols like the Address Auto-configuration Scheme and Internet Control Message Protocol (ICMPv6). IPv6 is vulnerable to numerous attacks like Denial of Service (DoS) and Distributed Denial of Service (DDoS) which is one of the most dangerous attacks executed through ICMPv6 messages that impose security and financial implications. Therefore, an Intrusion Detection System (IDS) is a monitoring system of the security of a network that detects suspicious activities and deals with a massive amount of data comprised of repetitive and inappropriate features which affect the detection rate. A feature selection (FS) technique helps to reduce the computation time and complexity by selecting the optimum subset of features. This paper proposes a method for detecting DDoS flooding attacks (FA) based on ICMPv6 messages using a Binary Flower Pollination Algorithm (BFPA-FA). The proposed method (BFPA-FA) employs FS technology with a support vector machine (SVM) to identify the most relevant, influential features. Moreover, The ICMPv6-DDoS dataset was used to demonstrate the effectiveness of the proposed method through different attack scenarios. The results show that the proposed method BFPA-FA achieved the best accuracy rate (97.96%) for the ICMPv6 DDoS detection with a reduced number of features (9) to half the total (19) features. The proven proposed method BFPA-FA is effective in the ICMPv6 DDoS attacks via IDS.

---

Keywords

---