Abstract
Although the launch of Internet Protocol version six (IPv6) addressed the issue of IPv4's address depletion, but also mandated the use of Internet Control Message Protocol version six (ICMPv6) messages in newly introduced features such as the Neighbor Discovery Protocol (NDP). This has exacerbated existing network attacks including ICMPv6-based Denial of Service (DoS) attacks and its variant form Distributed Denial of Service (DDoS) attack. Intrusion Detection Systems (IDS) aimed at tackling security issues raised by ICMPv6-based DoS and DDoS attacks have been reviewed by researchers and a general classification of existing IDSs was proposed as anomaly-based and signature-based. However, it is incredibly hard to see the overall picture of IDSs based on Machine Learning (ML) techniques with such a classification, as there is a lack of a more detailed view of the ML approach, classifiers, feature selection techniques, datasets, and different evaluation metrics. Nevertheless, recent developments in this relatively new field have not been covered such as ML-based IDSs using flow-based traffic representation. Therefore, this article specifically reviews and classifies IDSs based on ML techniques to detect ICMPv6-based DoS and DDoS attacks as single and hybrid classifiers. In addition, blockchain applicability in Collaborative IDS (CIDS) architecture based on the ensemble framework has been proposed as a solution to one of the open challenges for ICMPv6-based DoS and DDoS attacks detection problem. Moreover, this review also provides a classification of ICMPv6 vulnerabilities to DoS and DDoS attacks which would provide a reference resource for future researchers in this domain. To the best of the author's knowledge, this is the first review paper specifically focusing on IDSs based on ML techniques in this domain, as well as blockchain applicability as a possible research direction has been proposed to attract researcher's focus on building ensemble learning-based IDS models.
Highlights
The global permanent deployment of IPv6 has attracted the interest of researchers to review the security issues raised by numbers of attacks and one of them is the Denial of Service (DoS) attack using ICMPv6 messages [1]
Detection Rate (DR) and False Positive Rate (FPR) were used as the performance metrics which shows that the proposed model achieved DR of 85% along with FPR of 2% when the value of the fuzzy parameter was less than 0.6
SUMMARY This review presents the current state of the art of Machine Learning (ML)-based Intrusion Detection Systems (IDS) for the detection of ICMPv6-based DoS and Distributed Denial of Service (DDoS) attacks
Summary
The global permanent deployment of IPv6 has attracted the interest of researchers to review the security issues raised by numbers of attacks and one of them is the DoS attack using ICMPv6 messages [1]. ML techniques have been reported in numbers of IDSs to detect ICMPv6-based DoS and DDoS attacks, either as single or hybrid classifiers. To the best of our knowledge, there is no review paper focused on IDSs based on ML techniques for ICMPv6-based DoS and DDoS attacks detection. The main contributions of this article are: (i) the review and classification of existing ML-based IDSs for the detection of ICMPv6-based DoS and DDoS attacks, (ii) the identification of open challenges as future research directions, (iii) proposed blockchain applicability in the ensemble framework as one of the possible solutions to these challenges, and (iv) the classification of ICMPv6 vulnerabilities that are revealed by exploitation techniques and not addressed by previous reviews.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
