An intrusion detection system for DDoS flooding attacks on IPv6 networks using deep learning techniques
The news about distributed denial of service (DDoS) attacks is rapidly increased around the world. Many services of companies and/or governments are victims of the attack. The main purpose of DDoS attacks is to overload the service for a long time, rather than to steal money or data from the targets...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English English English |
| Published: |
2021
|
| Subjects: | |
| Online Access: | http://eprints.uthm.edu.my/1771/2/AHMED%20MARWAN%20IDREES%20ALEESA%20-%20declaration.pdf http://eprints.uthm.edu.my/1771/1/AHMED%20MARWAN%20IDREES%20ALEESA%20-%2024p.pdf http://eprints.uthm.edu.my/1771/3/AHMED%20MARWAN%20IDREES%20ALEESA%20-%20fulltext.pdf http://eprints.uthm.edu.my/1771/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my.uthm.eprints.1771 |
|---|---|
| record_format |
eprints |
| spelling |
my.uthm.eprints.17712021-10-11T01:36:20Z http://eprints.uthm.edu.my/1771/ An intrusion detection system for DDoS flooding attacks on IPv6 networks using deep learning techniques Ahmed Marwan, Idrees Aleesa TK5101-6720 Telecommunication. Including telegraphy, telephone, radio, radar, television The news about distributed denial of service (DDoS) attacks is rapidly increased around the world. Many services of companies and/or governments are victims of the attack. The main purpose of DDoS attacks is to overload the service for a long time, rather than to steal money or data from the targets. Since the user might not re-use services jammed by crackers, a company attacked by the crackers will lose many benefits. Major challenges are faced by the researchers are the unavailability of the dataset such as “no labelled DDoS attacks for IPv6, no data available online for download or use, few datasets on the internet but the security institutes or researchers who own it are kept private even for the research purposes”. In this research, I developed a DDoS-IPv6 dataset from real attacks traffic that contains 96 extracted features, the generated IPv6-DDoS dataset where had been collected by capturing attacks packets can be converted into network flows that contain rich metadata about the statistics of each flow, which are composed of the captured packet data. These flows are structured in the form of tabular data and contain both continuous and categorical features. Then deployed deep learning technique as intrusion detection system on the developed dataset, moreover optimised deep learning hyperparameters (i.e. the number of hidden layers/neurons, etc.) in order to find the optimal deep learning model, and check if the optimisation of layers/neurons would contribute to improving the accuracy. Accordingly, the result of the optimal deep learning technique for the four models with the developed dataset DDoS-IPv6 are between 99.79% and 99.996% and losses are between 0.0014% and 0.781%. I found that all the techniques succeeded to classify/detect IPv6 attacks and this will lead to new further research that needs to be developed in this area. 2021-03 Thesis NonPeerReviewed text en http://eprints.uthm.edu.my/1771/2/AHMED%20MARWAN%20IDREES%20ALEESA%20-%20declaration.pdf text en http://eprints.uthm.edu.my/1771/1/AHMED%20MARWAN%20IDREES%20ALEESA%20-%2024p.pdf text en http://eprints.uthm.edu.my/1771/3/AHMED%20MARWAN%20IDREES%20ALEESA%20-%20fulltext.pdf Ahmed Marwan, Idrees Aleesa (2021) An intrusion detection system for DDoS flooding attacks on IPv6 networks using deep learning techniques. Doctoral thesis, Universiti Tun Hussein Onn Malaysia. |
| institution |
Universiti Tun Hussein Onn Malaysia |
| building |
UTHM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Tun Hussein Onn Malaysia |
| content_source |
UTHM Institutional Repository |
| url_provider |
http://eprints.uthm.edu.my/ |
| language |
English English English |
| topic |
TK5101-6720 Telecommunication. Including telegraphy, telephone, radio, radar, television |
| spellingShingle |
TK5101-6720 Telecommunication. Including telegraphy, telephone, radio, radar, television Ahmed Marwan, Idrees Aleesa An intrusion detection system for DDoS flooding attacks on IPv6 networks using deep learning techniques |
| description |
The news about distributed denial of service (DDoS) attacks is rapidly increased around the world. Many services of companies and/or governments are victims of the attack. The main purpose of DDoS attacks is to overload the service for a long time, rather than to steal money or data from the targets. Since the user might not re-use services jammed by crackers, a company attacked by the crackers will lose many benefits. Major challenges are faced by the researchers are the unavailability of the dataset such as “no labelled DDoS attacks for IPv6, no data available online for download or use, few datasets on the internet but the security institutes or researchers who own it are kept private even for the research purposes”. In this research, I developed a DDoS-IPv6 dataset from real attacks traffic that contains 96 extracted features, the generated IPv6-DDoS dataset where had been collected by capturing attacks packets can be converted into network flows that contain rich metadata about the statistics of each flow, which are composed of the captured packet data. These flows are structured in the form of tabular data and contain both continuous and categorical features. Then deployed deep learning technique as intrusion detection system on the developed dataset, moreover optimised deep learning hyperparameters (i.e. the number of hidden layers/neurons, etc.) in order to find the optimal deep learning model, and check if the optimisation of layers/neurons would contribute to improving the accuracy. Accordingly, the result of the optimal deep learning technique for the four models with the developed dataset DDoS-IPv6 are between 99.79% and 99.996% and losses are between 0.0014% and 0.781%. I found that all the techniques succeeded to classify/detect IPv6 attacks and this will lead to new further research that needs to be developed in this area. |
| format |
Thesis |
| author |
Ahmed Marwan, Idrees Aleesa |
| author_facet |
Ahmed Marwan, Idrees Aleesa |
| author_sort |
Ahmed Marwan, Idrees Aleesa |
| title |
An intrusion detection system for DDoS flooding attacks on IPv6 networks using deep learning techniques |
| title_short |
An intrusion detection system for DDoS flooding attacks on IPv6 networks using deep learning techniques |
| title_full |
An intrusion detection system for DDoS flooding attacks on IPv6 networks using deep learning techniques |
| title_fullStr |
An intrusion detection system for DDoS flooding attacks on IPv6 networks using deep learning techniques |
| title_full_unstemmed |
An intrusion detection system for DDoS flooding attacks on IPv6 networks using deep learning techniques |
| title_sort |
intrusion detection system for ddos flooding attacks on ipv6 networks using deep learning techniques |
| publishDate |
2021 |
| url |
http://eprints.uthm.edu.my/1771/2/AHMED%20MARWAN%20IDREES%20ALEESA%20-%20declaration.pdf http://eprints.uthm.edu.my/1771/1/AHMED%20MARWAN%20IDREES%20ALEESA%20-%2024p.pdf http://eprints.uthm.edu.my/1771/3/AHMED%20MARWAN%20IDREES%20ALEESA%20-%20fulltext.pdf http://eprints.uthm.edu.my/1771/ |
| _version_ |
1738580903347617792 |
| score |
13.214268 |