{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,20]],"date-time":"2025-12-20T22:00:56Z","timestamp":1766268056188},"publisher-location":"Singapore","reference-count":51,"publisher":"Springer Singapore","isbn-type":[{"type":"print","value":"9789811526923"},{"type":"electronic","value":"9789811526930"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-981-15-2693-0_11","type":"book-chapter","created":{"date-parts":[[2020,1,16]],"date-time":"2020-01-16T12:29:03Z","timestamp":1579177743000},"page":"153-167","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":13,"title":["Overview of IPv6 Based DDoS and DoS Attacks Detection Mechanisms"],"prefix":"10.1007","author":[{"given":"Abdullah Ahmed","family":"Bahashwan","sequence":"first","affiliation":[]},{"given":"Mohammed","family":"Anbar","sequence":"additional","affiliation":[]},{"given":"Sabri M.","family":"Hanshi","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,1,17]]},"reference":[{"issue":"46","key":"11_CR1","first-page":"399","volume":"14","author":"M Zulkiflee","year":"2015","unstructured":"Zulkiflee, M., Azmi, M., Ahmad, S., Sahib, S., Ghani, M.: A framework of features selection for ipv6 network attacks detection. WSEAS Trans. Commun. 14(46), 399\u2013408 (2015)","journal-title":"WSEAS Trans. Commun."},{"key":"11_CR2","unstructured":"Mali, P., Phadke, R., Rao, J., Sanghvi, R.: Mitigating IPv6 Vulnerabilities (2015)"},{"key":"11_CR3","doi-asserted-by":"crossref","unstructured":"Deering, S., Hinden, R.: Internet protocol, version 6 (IPv6) specification (No. RFC 8200) (2017)","DOI":"10.17487\/RFC8200"},{"key":"11_CR4","doi-asserted-by":"publisher","DOI":"10.1007\/b135746","volume-title":"Understanding IPv6","author":"Y Mun","year":"2005","unstructured":"Mun, Y., Lee, H.K.: Understanding IPv6. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/b135746"},{"issue":"3","key":"11_CR5","doi-asserted-by":"publisher","first-page":"244","DOI":"10.1080\/02564602.2015.1098576","volume":"33","author":"RM Saad","year":"2016","unstructured":"Saad, R.M., Anbar, M., Manickam, S., Alomari, E.: An intelligent ICMPv6 DDoS flooding-attack detection framework (V6IIDS) using back-propagation neural network. IETE Tech. Rev. 33(3), 244\u2013255 (2016)","journal-title":"IETE Tech. Rev."},{"key":"11_CR6","doi-asserted-by":"crossref","unstructured":"Radhakrishnan, R., Jamil, M., Mehfuz, S., Moinuddin, M.: Security issues in IPv6. In: International Conference on Networking and Services (ICNS 2007), pp. 110\u2013110. IEEE (2007)","DOI":"10.1109\/ICNS.2007.106"},{"key":"11_CR7","unstructured":"Tian, J., Li, Z.: The next generation Internet protocol and its test. In: ICC 2001. IEEE International Conference on Communications. Conference Record (Cat. No. 01CH37240), Vol. 1, pp. 210\u2013215. IEEE (2001)"},{"key":"11_CR8","doi-asserted-by":"crossref","unstructured":"Conta, A., Gupta, M.: Internet control message protocol (ICMPv6) for the internet protocol version 6 (IPv6) specification (2006)","DOI":"10.17487\/rfc4443"},{"key":"11_CR9","doi-asserted-by":"crossref","unstructured":"Najjar, F., Kadhum, M.M.: Reliable behavioral dataset for IPv6 neighbor discovery protocol investigation. In: 2015 5th International Conference on IT Convergence and Security (ICITCS), pp. 1\u20135. IEEE (2015)","DOI":"10.1109\/ICITCS.2015.7293014"},{"key":"11_CR10","doi-asserted-by":"crossref","unstructured":"Arjuman, N.C., Manickam, S.: A review on ICMPv6 vulnerabilities and its mitigation techniques: classification and art. In: 2015 International Conference on Computer, Communications, and Control Technology (I4CT), pp. 323\u2013327. IEEE (2015)","DOI":"10.1109\/I4CT.2015.7219590"},{"key":"11_CR11","unstructured":"Osman, A.: Improvement of Address Resolution Security in IPv6 Local Network using Trust-ND (2015)"},{"issue":"11","key":"11_CR12","doi-asserted-by":"publisher","first-page":"11306","DOI":"10.1166\/asl.2017.10272","volume":"23","author":"M Anbar","year":"2017","unstructured":"Anbar, M., Abdullah, R., Saad, R., Hasbullah, I.H.: Review of preventive security mechanisms for neighbour discovery protocol. Adv. Sci. Lett. 23(11), 11306\u201311310 (2017)","journal-title":"Adv. Sci. Lett."},{"key":"11_CR13","doi-asserted-by":"publisher","first-page":"551","DOI":"10.1007\/978-3-319-95957-3_58","volume-title":"Intelligent Computing Methodologies","author":"AA Alsadhan","year":"2018","unstructured":"Alsadhan, A.A., Hussain, A., Baker, T., Alfandi, O.: Detecting distributed denial of service attacks in neighbour discovery protocol using machine learning algorithm based on streams representation. In: Huang, D.S., Gromiha, M., Han, K., Hussain, A. (eds.) Intelligent Computing Methodologies, vol. 10956, pp. 551\u2013563. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-95957-3_58"},{"key":"11_CR14","unstructured":"Zhang, T., Wang, Z.: Research on IPv6 neighbor discovery protocol (NDP) security. In: 2016 2nd IEEE International Conference on Computer and Communications (ICCC), pp. 2032\u20132035. IEEE (2016)"},{"issue":"12","key":"11_CR15","doi-asserted-by":"publisher","first-page":"3815","DOI":"10.1007\/s00521-017-2967-y","volume":"30","author":"RM Saad","year":"2018","unstructured":"Saad, R.M., Anbar, M., Manickam, S.: Rule-based detection technique for ICMPv6 anomalous behaviour. Neural Comput. Appl. 30(12), 3815\u20133824 (2018)","journal-title":"Neural Comput. Appl."},{"issue":"3","key":"11_CR16","first-page":"795","volume":"64","author":"R Saad","year":"2014","unstructured":"Saad, R., Manickam, S., Alomari, E., Anbar, M., Singh, P.: Design & deployment of testbed based on ICMPv6 flooding attack. J. Theoret. Appl. Inf. Technol. 64(3), 795\u2013801 (2014)","journal-title":"J. Theoret. Appl. Inf. Technol."},{"key":"11_CR17","doi-asserted-by":"crossref","unstructured":"Mowla, N.I., Doh, I., Chae, K.: Multi-defense mechanism against DDoS in SDN based CDNi. In: 2014 Eighth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, pp. 447\u2013451. IEEE (2014)","DOI":"10.1109\/IMIS.2014.64"},{"issue":"4","key":"11_CR18","doi-asserted-by":"publisher","first-page":"390","DOI":"10.1080\/02564602.2016.1192964","volume":"34","author":"OE Elejla","year":"2017","unstructured":"Elejla, O.E., Anbar, M., Belaton, B.: ICMPv6-based DoS and DDoS attacks and defense mechanisms. IETE Tech. Rev. 34(4), 390\u2013407 (2017)","journal-title":"IETE Tech. Rev."},{"issue":"2","key":"11_CR19","doi-asserted-by":"publisher","first-page":"201","DOI":"10.1007\/s12559-017-9519-8","volume":"10","author":"M Anbar","year":"2018","unstructured":"Anbar, M., Abdullah, R., Al-Tamimi, B.N., Hussain, A.: A machine learning approach to detect router advertisement flooding attacks in next-generation IPv6 networks. Cogn. Comput. 10(2), 201\u2013214 (2018)","journal-title":"Cogn. Comput."},{"key":"11_CR20","doi-asserted-by":"crossref","unstructured":"Elejla, O.E., Belaton, B., Anbar, M., Smadi, I.M.: A new set of features for detecting router advertisement flooding attacks. In: 2017 Palestinian International Conference on Information and Communication Technology (PICICT), pp. 1\u20135. IEEE (2017)","DOI":"10.1109\/PICICT.2017.19"},{"key":"11_CR21","doi-asserted-by":"crossref","unstructured":"Anbar, M., Abdullah, R., Hasbullah, I.H., Chong, Y.W., Elejla, O.E.: Comparative performance analysis of classification algorithms for intrusion detection system. In: 2016 14th Annual Conference on Privacy, Security and Trust (PST), pp. 282\u2013288. IEEE (2016)","DOI":"10.1109\/PST.2016.7906975"},{"key":"11_CR22","doi-asserted-by":"publisher","first-page":"558","DOI":"10.1016\/j.future.2017.09.056","volume":"79","author":"D Papamartzivanos","year":"2018","unstructured":"Papamartzivanos, D., M\u00e1rmol, F.G., Kambourakis, G.: Dendron: genetic trees driven rule induction for network intrusion detection systems. Future Gener. Comput. Syst. 79, 558\u2013574 (2018)","journal-title":"Future Gener. Comput. Syst."},{"issue":"7","key":"11_CR23","first-page":"26","volume":"28","author":"VVRPV Jyothsna","year":"2011","unstructured":"Jyothsna, V.V.R.P.V., Prasad, V.R., Prasad, K.M.: A review of anomaly based intrusion detection systems. Int. J. Comput. Appl. 28(7), 26\u201335 (2011)","journal-title":"Int. J. Comput. Appl."},{"key":"11_CR24","doi-asserted-by":"crossref","unstructured":"Moore, N.: Optimistic duplicate address detection (DAD) for IPv6 (No. RFC 4429) (2006)","DOI":"10.17487\/rfc4429"},{"issue":"2","key":"11_CR25","first-page":"97","volume":"15","author":"M Uddin","year":"2013","unstructured":"Uddin, M., Rahman, A.A., Uddin, N., Memon, J., Alsaqour, R.A., Kazi, S.: Signature-based Multi-layer distributed intrusion detection system using mobile agents. IJ Netw. Secur. 15(2), 97\u2013105 (2013)","journal-title":"IJ Netw. Secur."},{"issue":"23\u201324","key":"11_CR26","doi-asserted-by":"publisher","first-page":"2435","DOI":"10.1016\/S1389-1286(99)00112-7","volume":"31","author":"V Paxson","year":"1999","unstructured":"Paxson, V.: Bro: a system for detecting network intruders in real-time. Comput. Netw. 31(23\u201324), 2435\u20132463 (1999)","journal-title":"Comput. Netw."},{"key":"11_CR27","unstructured":"Roesch, M.: Snort: lightweight intrusion detection for networks. In: Lisa, vol. 99, no. 1, pp. 229\u2013238 (1999)"},{"key":"11_CR28","unstructured":"Suricata: Suricata\u2014Open Source IDS\/IPS\/NSM engine. https:\/\/suricata-ids.org . Accessed 02 Apr 2019"},{"key":"11_CR29","unstructured":"Gehrke, K.A.: The unexplored impact of ipv6 on intrusion detection systems. Naval Postgraduate School, Monterey, CA, Department of Computer Science (2012)"},{"issue":"12","key":"11_CR30","doi-asserted-by":"publisher","first-page":"3448","DOI":"10.1016\/j.comnet.2007.02.001","volume":"51","author":"A Patcha","year":"2007","unstructured":"Patcha, A., Park, J.M.: An overview of anomaly detection techniques: existing solutions and latest technological trends. Comput. Netw. 51(12), 3448\u20133470 (2007)","journal-title":"Comput. Netw."},{"issue":"3","key":"11_CR31","doi-asserted-by":"publisher","first-page":"517","DOI":"10.1016\/j.compeleceng.2008.12.005","volume":"35","author":"MA Ayd\u0131n","year":"2009","unstructured":"Ayd\u0131n, M.A., Zaim, A.H., Ceylan, K.G.: A hybrid intrusion detection system design for computer network security. Comput. Electr. Eng. 35(3), 517\u2013526 (2009)","journal-title":"Comput. Electr. Eng."},{"key":"11_CR32","doi-asserted-by":"crossref","unstructured":"Beck, F., Cholez, T., Festor, O., Chrisment, I.: Monitoring the neighbor discovery protocol. In: 2007 International Multi-Conference on Computing in the Global Information Technology (ICCGI 2007), pp. 57\u201357. IEEE (2007)","DOI":"10.1109\/ICCGI.2007.39"},{"key":"11_CR33","unstructured":"Lecigne, C.: Ndpwatch, Ethernet\/IPv6 address pairings monitor. http:\/\/ndpwatch.sourceforge.net\/ . Accessed 19 Apr 2018"},{"key":"11_CR34","unstructured":"Morse, J.: Router Advert MONitoring Daemon. http:\/\/ramond.sourceforge.net\/ . Accessed 19 Apr 2018"},{"issue":"1","key":"11_CR35","doi-asserted-by":"publisher","first-page":"45","DOI":"10.1007\/s00521-016-2812-8","volume":"30","author":"OE Elejla","year":"2018","unstructured":"Elejla, O.E., Belaton, B., Anbar, M., Alnajjar, A.: Intrusion detection systems of ICMPv6-based DDoS attacks. Neural Comput. Appl. 30(1), 45\u201356 (2018)","journal-title":"Neural Comput. Appl."},{"key":"11_CR36","doi-asserted-by":"crossref","unstructured":"Barbhuiya, F.A., Biswas, S., Nandi, S.: Detection of neighbor solicitation and advertisement spoofing in IPv6 neighbor discovery protocol. In: Proceedings of the 4th International Conference on Security of Information and Networks, pp. 111\u2013118. ACM (2011)","DOI":"10.1145\/2070425.2070444"},{"key":"11_CR37","doi-asserted-by":"crossref","unstructured":"Bansal, G., Kumar, N., Nandi, S., Biswas, S.: Detection of NDP based attacks using MLD. In: Proceedings of the Fifth International Conference on Security of Information and Networks, pp. 163\u2013167. ACM (2012)","DOI":"10.1145\/2388576.2388600"},{"issue":"2","key":"11_CR38","doi-asserted-by":"crossref","first-page":"168","DOI":"10.17485\/ijst\/2014\/v7i2.5","volume":"7","author":"RM Saad","year":"2014","unstructured":"Saad, R.M., Almomani, A., Altaher, A., Gupta, B.B., Manickam, S.: ICMPv6 flood attack detection using DENFIS algorithms. Indian J. Sci. Technol. 7(2), 168 (2014)","journal-title":"Indian J. Sci. Technol."},{"key":"11_CR39","doi-asserted-by":"crossref","unstructured":"Saad, R.M.A.: ICMPv6 echo request DDoS attack detection framework using back-propagation neural network, Doctoral dissertation, Universiti Sains Malaysia (2016)","DOI":"10.1080\/02564602.2015.1098576"},{"key":"11_CR40","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"608","DOI":"10.1007\/978-3-642-02617-1_62","volume-title":"Advances in Information Security and Assurance","author":"Z Liu","year":"2009","unstructured":"Liu, Z., Lai, Y.: A data mining framework for building intrusion detection models based on IPv6. In: Park, J.H., Chen, H.H., Atiquzzaman, M., Lee, C., Kim, T., Yeo, S.S. (eds.) ISA 2009. LNCS, vol. 5576, pp. 608\u2013618. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-02617-1_62"},{"key":"11_CR41","doi-asserted-by":"publisher","first-page":"238","DOI":"10.1016\/j.cose.2017.05.009","volume":"70","author":"MF Umer","year":"2017","unstructured":"Umer, M.F., Sher, M., Bi, Y.: Flow-based intrusion detection: techniques and challenges. Comput. Secur. 70, 238\u2013254 (2017)","journal-title":"Comput. Secur."},{"key":"11_CR42","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1016\/j.procs.2015.04.007","volume":"50","author":"J David","year":"2015","unstructured":"David, J., Thomas, C.: DDoS attack detection using fast entropy approach on flow-based network traffic. Procedia Comput. Sci. 50, 30\u201336 (2015)","journal-title":"Procedia Comput. Sci."},{"key":"11_CR43","doi-asserted-by":"crossref","unstructured":"Mousavi, S.M., St-Hilaire, M.: Early detection of DDoS attacks against SDN controllers. In: 2015 International Conference on Computing, Networking and Communications (ICNC), pp. 77\u201381. IEEE (2015)","DOI":"10.1109\/ICCNC.2015.7069319"},{"key":"11_CR44","doi-asserted-by":"crossref","unstructured":"\u00d6z\u00e7elik, \u0130., Brooks, R.R.: Cusum-entropy: an efficient method for DDoS attack detection. In: 2016 4th International Istanbul Smart Grid Congress and Fair (ICSG), pp. 1\u20135. IEEE (2016)","DOI":"10.1109\/SGCF.2016.7492429"},{"key":"11_CR45","doi-asserted-by":"publisher","first-page":"315","DOI":"10.1007\/978-981-13-2622-6_31","volume-title":"Computational Science and Technology","author":"SBI Shah","year":"2019","unstructured":"Shah, S.B.I., Anbar, M., Al-Ani, A., Al-Ani, A.K.: Hybridizing entropy based mechanism with adaptive threshold algorithm to detect RA flooding attack in IPv6 networks. In: Alfred, R., Lim, Y., Ibrahim, A., Anthony, P. (eds.) Computational Science and Technology, vol. 481, pp. 315\u2013323. Springer, Singapore (2019). https:\/\/doi.org\/10.1007\/978-981-13-2622-6_31"},{"issue":"1","key":"11_CR46","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1109\/TETCI.2017.2772792","volume":"2","author":"N Shone","year":"2018","unstructured":"Shone, N., Ngoc, T.N., Phai, V.D., Shi, Q.: A deep learning approach to network intrusion detection. IEEE Trans. Emerg. Top. Comput. Intell. 2(1), 41\u201350 (2018)","journal-title":"IEEE Trans. Emerg. Top. Comput. Intell."},{"key":"11_CR47","doi-asserted-by":"crossref","unstructured":"Karatas, G., Demir, O., Sahingoz, O.K.: Deep learning in intrusion detection systems. In: 2018 International Congress on Big Data, Deep Learning and Fighting Cyber Terrorism (IBIGDELFT), pp. 113\u2013116. IEEE, December 2018","DOI":"10.1109\/IBIGDELFT.2018.8625278"},{"key":"11_CR48","doi-asserted-by":"crossref","unstructured":"Javaid, A., Niyaz, Q., Sun, W., Alam, M.: A deep learning approach for network intrusion detection system. In: Proceedings of the 9th EAI International Conference on Bio-Inspired Information and Communications Technologies (formerly BIONETICS), pp. 21\u201326. ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering) (2016)","DOI":"10.4108\/eai.3-12-2015.2262516"},{"key":"11_CR49","unstructured":"Van, N.T., Thinh, T.N., Sach, L.T.: An anomaly-based network intrusion detection system using deep learning. In: 2017 International Conference on System Science and Engineering (ICSSE), pp. 210\u2013214. IEEE (2017)"},{"issue":"3","key":"11_CR50","first-page":"8","volume":"11","author":"S Gurung","year":"2019","unstructured":"Gurung, S., Ghose, M.K., Subedi, A.: Deep learning approach on network intrusion detection system using NSL-KDD dataset. Int. J. Comput. Netw. Inf. Secur. 11(3), 8 (2019)","journal-title":"Int. J. Comput. Netw. Inf. Secur."},{"issue":"4","key":"11_CR51","doi-asserted-by":"publisher","first-page":"26","DOI":"10.1109\/MSP.2012.27","volume":"10","author":"A AlSa\u2019deh","year":"2012","unstructured":"AlSa\u2019deh, A., Meinel, C.: Secure neighbor discovery: review, challenges, perspectives, and recommendations. IEEE Secur. Priv. 10(4), 26\u201334 (2012)","journal-title":"IEEE Secur. Priv."}],"container-title":["Communications in Computer and Information Science","Advances in Cyber Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-15-2693-0_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,2,22]],"date-time":"2021-02-22T10:44:28Z","timestamp":1613990668000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-981-15-2693-0_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9789811526923","9789811526930"],"references-count":51,"URL":"https:\/\/doi.org\/10.1007\/978-981-15-2693-0_11","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"17 January 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ACeS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Advances in Cyber Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Penang","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Malaysia","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 July 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1 August 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"aces2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/aces.usm.my\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}