The International Arab Journal of Information Technology (IAJIT)



A Neuro-Fuzzy System to Detect IPv6 Router Alert Option DoS Packets

Detecting denial of service attacks that solely target the router is a maximum security imperative in deploying IPv6 networks. State-of-the-art denial of service detection methods aim to leverage the advantages of flow statistical features and machine learning techniques. However, detection performance is highly affected by the quality of the feature selector and the reliability of the datasets of IPv6 flow information. This paper proposes a new neuro-fuzzy inference system to tackle the problem of classifying packets in IPv6 networks in the crucial situation of a small supervised training dataset. The proposed system is capable of classifying IPv6 router alert option packets as denial of service or normal by utilizing the strengths of the neuro-fuzzy approach to boost classification accuracy. A mathematical analysis from the perspective of fuzzy set theory is provided to express the performance benefit of the proposed system. An empirical performance test is conducted on a comprehensive dataset of IPv6 packets produced in a supervised environment. The results show that the proposed system robustly outperforms some state-of-the-art systems.


Shubair Abdulla received his BSc degree in computer science from Basra University in 1994. He received his MSc and PhD degrees in computer science from University Sains Malaysia (USM) in 2007 and 2014 respectively. Currently, he is working at Sultan Qaboos University, Oman, Muscat. His research interests include data mining, network security, and fuzzy inference systems.