Internet Protocol version 6 (IPv6) is the most recent iteration of IP, designed to accommodate hundreds of thousands of devices with unique IP addresses. IPv6 introduces new features, such as the Neighbor Discovery Protocol (NDP) and Address Auto-configuration Scheme. For its effective operation, IPv6 relies on several protocols, including ICMPv6, which carries significant responsibilities. Similar to IPv4, IPv6 is susceptible to various attacks, including newer types like DDoS attacks executed via ICMPv6 messages, posing serious security and financial threats. Consequently, an Intrusion Detection System (IDS) is essential to safeguard against these attacks. IDS continuously evolve to incorporate features that can accurately detect such threats. However, feature selection strategies, particularly bio-inspired algorithms, often yield incorrect subsets of features. During machine learning processes, these inaccuracies impede the detection accuracy of DDoS attacks using ICMPv6. Many Optimization Search Algorithms become trapped in local minima and fail to consider multi-objective approaches, resulting in suboptimal feature selection. To address this, optimizing a bio-inspired algorithm within an IPv6 network has been proposed. Specifically, hybridizing the MFPA algorithm with the PSO algorithm is suggested to enhance detection accuracy. The selected features are used to train the dataset with a Support Vector Machine (SVM) classifier. The proposed approach is evaluated using the ICMPv6 dataset on various attacks, demonstrating superior classification accuracy of 97.99 %. It also reduced the number of features from 19 to 8, showcasing its efficiency.
Read full abstract