{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,24]],"date-time":"2026-03-24T16:13:54Z","timestamp":1774368834381,"version":"3.50.1"},"reference-count":60,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2016,12,28]],"date-time":"2016-12-28T00:00:00Z","timestamp":1482883200000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Neural Comput & Applic"],"published-print":{"date-parts":[[2018,7]]},"DOI":"10.1007\/s00521-016-2812-8","type":"journal-article","created":{"date-parts":[[2016,12,28]],"date-time":"2016-12-28T07:51:15Z","timestamp":1482911475000},"page":"45-56","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":25,"title":["Intrusion Detection Systems of ICMPv6-based DDoS attacks"],"prefix":"10.1007","volume":"30","author":[{"given":"Omar E.","family":"Elejla","sequence":"first","affiliation":[]},{"given":"Bahari","family":"Belaton","sequence":"additional","affiliation":[]},{"given":"Mohammed","family":"Anbar","sequence":"additional","affiliation":[]},{"given":"Ahmad","family":"Alnajjar","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,12,28]]},"reference":[{"key":"2812_CR1","doi-asserted-by":"publisher","unstructured":"Elejla OE, Anbar M, Belaton B (2016) Icmpv6-based dos and ddos attacks and defense mechanisms: review. IETE Tech Rev 1\u201318. doi: 10.1080\/02564602.2016.1192964","DOI":"10.1080\/02564602.2016.1192964"},{"issue":"1","key":"2812_CR2","doi-asserted-by":"crossref","first-page":"64","DOI":"10.4103\/0256-4602.107341","volume":"30","author":"IH Hasbullah","year":"2013","unstructured":"Supriyanto, Hasbullah IH, Murugesan RK, Ramadass S (2013) Survey of internet protocol version 6 link local communication security vulnerability and mitigation methods. IETE Tech Rev 30(1):64\u201371","journal-title":"IETE Tech Rev"},{"key":"2812_CR3","doi-asserted-by":"crossref","unstructured":"Conta A, Gupta M (2006) Internet control message protocol (icmpv6) for the internet protocol version 6 (ipv6) specification. Request for Comments 4443. https:\/\/tools.ietf.org\/html\/rfc4443.Last . Accessed Aug 2015","DOI":"10.17487\/rfc4443"},{"key":"2812_CR4","doi-asserted-by":"crossref","unstructured":"Yang X, Ma T, Shi Y (2007) Typical dos\/ddos threats under ipv6. In: Presented at the second international multi-conference on computing in the global information technology challanges ICCGI 2007, IEEE, Guadeloupe, French Caribbean, pp 55\u201355","DOI":"10.1109\/ICCGI.2007.61"},{"key":"2812_CR5","unstructured":"Carp A, Soare A, Rughini\u015f R (2010) Practical analysis of ipv6 security auditing methods. In: Presented at the 9th RoEduNet IEEE international conference, IEEE, Lucian Blaga University of Sibiu, Sibiu, Romania, pp 36\u201341"},{"key":"2812_CR6","unstructured":"Lin Z-W, Wang L-H, Ma Y (2006) Possible attacks based on ipv6 features and its detection. In: Asia-Pacific Advanced Network (APAN) 24th Meeting in Xi\u2019An, China"},{"key":"2812_CR7","unstructured":"Akamai (2015), State of the internet. www.stateoftheinternet.com . Accessed 2015"},{"key":"2812_CR8","doi-asserted-by":"crossref","unstructured":"Barker K (2013) The security implications of ipv6. Netw Secur 2013:5\u20139. http:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S1353485813700680","DOI":"10.1016\/S1353-4858(13)70068-0"},{"key":"2812_CR9","doi-asserted-by":"crossref","unstructured":"Satrya GB, Chandra RL, Yulianto FA (2015) The detection of ddos flooding attack using hybrid analysis in ipv6 networks, In: Presented at the information and communication technology (ICoICT), 2015 3rd international conference on, IEEE, Denpasar, Indonesia, pp 240\u2013244","DOI":"10.1109\/ICoICT.2015.7231429"},{"key":"2812_CR10","unstructured":"Evans D (2011) The internet of things: how the next evolution of the internet is changing everything. http:\/\/www.cisco.com\/c\/dam\/en_us\/about\/ac79\/docs\/innov\/IoT_IBSG_0411FINAL.pdf . Accessed 2015"},{"key":"2812_CR11","unstructured":"Dobbins R (2016) Mirai iot botnet description and ddos attack mitigation. https:\/\/www.arbornetworks.com\/blog\/asert\/mirai-iot-botnet-description-ddos-attack-mitigation\/ . Accessed 2016"},{"key":"2812_CR12","unstructured":"Security KO (2016) Did the mirai botnet really take liberia offline? https:\/\/krebsonsecurity.com\/2016\/11\/did-the-mirai-botnet-really-take-liberia-offline\/.Last . Accessed 2016"},{"key":"2812_CR13","unstructured":"Security KO (2016) The democratization of censorship. https:\/\/krebsonsecurity.com\/2016\/09\/the-democratization-of-censorship\/#more-36451.Last . Accessed 2016"},{"key":"2812_CR14","doi-asserted-by":"crossref","unstructured":"Thomson S (1998) Ipv6 stateless address autoconfiguration. https:\/\/tools.ietf.org\/html\/rfc2462 . Accessed 2016","DOI":"10.17487\/rfc2462"},{"key":"2812_CR15","doi-asserted-by":"crossref","unstructured":"Narten T, Simpson WA, Nordmark E, Soliman H (2007) Neighbor discovery for ip version 6 (ipv6). Request for Comments 4861. https:\/\/tools.ietf.org\/html\/rfc4861.Last . Accessed Dec 2015","DOI":"10.17487\/rfc4861"},{"key":"2812_CR16","unstructured":"Weber J, Wegener C, Schwenk J (2013) Ipv6 security test laboratory. Master dissertation, Department of Network and Data Security, Ruhr-University Bochum, Germany"},{"issue":"3","key":"2812_CR17","first-page":"476","volume":"11","author":"OE Elejla","year":"2016","unstructured":"Elejla OE, Belaton B, Anbar M, Alnajjar A (2016) A reference dataset for icmpv6 flooding attacks. J Eng Appl Sci 11(3):476\u2013481","journal-title":"J Eng Appl Sci"},{"key":"2812_CR18","doi-asserted-by":"crossref","DOI":"10.1007\/978-81-322-0277-6","volume-title":"An investigation into the detection and mitigation of denial of service (dos) attacks: critical information infrastructure protection","author":"S Raghavan","year":"2011","unstructured":"Raghavan S, Dawson E (2011) An investigation into the detection and mitigation of denial of service (dos) attacks: critical information infrastructure protection. Springer, New York"},{"key":"2812_CR19","volume-title":"Ipv6 security: Protection measures for the next internet protocol","author":"S Hogg","year":"2008","unstructured":"Hogg S, Vyncke E (2008) Ipv6 security: Protection measures for the next internet protocol. Pearson Education, London"},{"key":"2812_CR20","doi-asserted-by":"crossref","unstructured":"Kim J-W, Cho H-H, Mun G-J, Seo J-H, Noh B-N, Kim Y-M (2007) Experiments and countermeasures of security vulnerabilities on next generation network. In: Presented at the future generation communication and networking (FGCN 2007), IEEE, Jeju-Island, Korea, pp 559\u2013564","DOI":"10.1109\/FGCN.2007.122"},{"key":"2812_CR21","volume-title":"Internet protocol version six (ipv6) at uc davis: traffic analysis with a security perspective","author":"JB Ard","year":"2012","unstructured":"Ard JB (2012) Internet protocol version six (ipv6) at uc davis: traffic analysis with a security perspective. University of California, Davis"},{"key":"2812_CR22","doi-asserted-by":"crossref","first-page":"307","DOI":"10.1016\/j.jnca.2013.08.001","volume":"40","author":"N Hoque","year":"2014","unstructured":"Hoque N, Bhuyan MH, Baishya RC, Bhattacharyya D, Kalita JK (2014) Network attacks: taxonomy, tools and systems. J Netw Comput Appl 40:307\u2013324","journal-title":"J Netw Comput Appl"},{"issue":"3","key":"2812_CR23","first-page":"1","volume":"33,2016","author":"RM Saad","year":"2016","unstructured":"Saad RM, Anbar M, Manickam S, Alomari E (2016) An intelligent icmpv6 ddos flooding-attack detection framework (v6iids) using back-propagation neural network. IETE Tech Rev 33(3):1\u201312","journal-title":"IETE Tech Rev"},{"issue":"3","key":"2812_CR24","first-page":"795","volume":"64","author":"R Saad","year":"2014","unstructured":"Saad R, Manickam S, Alomari E, Anbar M, Singh P (2014) Design & deployment of testbed based on icmpv6 flooding attack. J Theor Appl Inf Technol 64(3):795\u2013801","journal-title":"J Theor Appl Inf Technol"},{"issue":"2007","key":"2812_CR25","first-page":"94","volume":"800","author":"K Scarfone","year":"2007","unstructured":"Scarfone K, Mell P (2007) Guide to intrusion detection and prevention systems (idps). NIST Spec Publ 800(2007):94","journal-title":"NIST Spec Publ"},{"issue":"2","key":"2812_CR26","first-page":"251","volume":"70","author":"OE Elejla","year":"2014","unstructured":"Elejla OE, Jantan AB, Ahmed AA (2014) Three layers approach for network scanning detection. J Theor Appl Inf Technol 70(2):251\u2013264","journal-title":"J Theor Appl Inf Technol"},{"issue":"1","key":"2812_CR27","doi-asserted-by":"crossref","first-page":"16","DOI":"10.1016\/j.jnca.2012.09.004","volume":"36","author":"H-J Liao","year":"2013","unstructured":"Liao H-J, Lin C-HR, Lin Y-C, Tung K-Y (2013) Intrusion detection system: a comprehensive review. J Netw Comput Appl 36(1):16\u201324","journal-title":"J Netw Comput Appl"},{"key":"2812_CR28","unstructured":"Roesch M (1999) Snort: Lightweight intrusion detection for networks. In: Presented at the 13th USENIX conference on system administration, Seattle, Washington, pp 229\u2013238"},{"key":"2812_CR29","unstructured":"Sch\u00fctte M (2011) Design and implementation of an ipv6 plugin for the snort intrusion detection system. https:\/\/mschuette.name\/files\/uni\/110922-Diplomvortrag-SnortIPv6.pdf . Accessed 2016"},{"key":"2812_CR30","unstructured":"Sch\u00fctte M (2014) The ipv6 snort plugin. https:\/\/www.snort.org\/.Last . Accessed March 2015"},{"key":"2812_CR31","unstructured":"Atlasis A, Rey E (2015) Evasion of high-end ips devices in the age of ipv6. In: Presented at the BlackHat EU, Amsterdam"},{"key":"2812_CR32","unstructured":"Gehrke KA (2012) The unexplored impact of ipv6 on intrusion detection systems. Master dissertation, Department of Computer Science Monterey, California, Naval Postgraduate School"},{"issue":"23","key":"2812_CR33","doi-asserted-by":"crossref","first-page":"2435","DOI":"10.1016\/S1389-1286(99)00112-7","volume":"31","author":"V Paxson","year":"1999","unstructured":"Paxson V (1999) Bro: a system for detecting network intruders in real-time. Comput Netw 31(23):2435\u20132463","journal-title":"Comput Netw"},{"key":"2812_CR34","unstructured":"Moya MAC (2008) Analysis and evaluation of the snort and bro network intrusion detection systems. Master Universidad Pontificia Comillas, Madrid"},{"key":"2812_CR35","doi-asserted-by":"crossref","unstructured":"Sommer R, Paxson V (2003) Enhancing byte-level network intrusion detection signatures with context. In: Presented at the proceedings of the 10th ACM conference on Computer and communications security, ACM, Washington, DC, USA, pp 262\u2013271","DOI":"10.1145\/948109.948145"},{"key":"2812_CR36","doi-asserted-by":"crossref","unstructured":"Rietz R, Vogel M, Schuster F, K\u00f6nig H (2014) Parallelization of network intrusion detection systems under attack conditions. In: Detection of intrusions and malware, and vulnerability assessment, Springer, pp 172\u2013191","DOI":"10.1007\/978-3-319-08509-8_10"},{"key":"2812_CR37","unstructured":"Pihelgas M (2012)A comparative analysis of opensource intrusion detection systems. Master dissertation, Department of Computer Science TALLINN UNIVERSITY OF TECHNOLOGY"},{"key":"2812_CR38","first-page":"13","volume-title":"Using artificial intelligence in intrusion detection systems","author":"M Manninen","year":"2002","unstructured":"Manninen M (2002) Using artificial intelligence in intrusion detection systems. Helsinki University of Technology, Espoo, p 13"},{"key":"2812_CR39","doi-asserted-by":"crossref","unstructured":"Beck F, Cholez T, Festor O, Chrisment I (2007) Monitoring the neighbor discovery protocol. In: Presented at the second international workshop on IPv6 today-technology and deployment-IPv6TD 2007","DOI":"10.1109\/ICCGI.2007.39"},{"key":"2812_CR40","unstructured":"Lecigne C (2006) Ndpwatch\u2014ethernet\/ipv6 address pairings monitor. http:\/\/ndpwatch.sourceforge.net\/ . Accessed 2016"},{"key":"2812_CR41","unstructured":"Morse J (2016) Router advert monitoring daemon. http:\/\/ramond.sourceforge.net . Accessed 2016"},{"key":"2812_CR42","unstructured":"K. Project (2007) Rafixd. http:\/\/www.kame.net\/ . Accessed 2016"},{"key":"2812_CR43","doi-asserted-by":"crossref","unstructured":"Gont F (2014) Implementation advice for ipv6 router advertisement guard (ra-guard). https:\/\/tools.ietf.org\/html\/rfc7113 . Accessed 2016","DOI":"10.17487\/rfc7113"},{"key":"2812_CR44","doi-asserted-by":"crossref","unstructured":"Barbhuiya FA, Biswas S, Nandi S (2011) Detection of neighbor solicitation and advertisement spoofing in ipv6 neighbor discovery protocol. In: Presented at the Proceedings of the 4th international conference on security of information and networks, ACM, Macquarie University, Sydney, Australia, pp 111\u2013118","DOI":"10.1145\/2070425.2070444"},{"issue":"1","key":"2812_CR45","first-page":"195","volume":"13","author":"S Praptodiyono","year":"2015","unstructured":"Praptodiyono S, Hasbullah IH, Anbar M, Murugesan RK, Osman A (2015) Improvement of address resolution security in ipv6 local network using trust-nd. TELKOMNIKA Indones J Electr Eng 13(1):195\u2013202","journal-title":"TELKOMNIKA Indones J Electr Eng"},{"key":"2812_CR46","doi-asserted-by":"crossref","unstructured":"Bansal G, Kumar N, Nandi S, Biswas S (2012) Detection of ndp based attacks using mld. In: Presented at the proceedings of the fifth international conference on security of information and networks, ACM, Malaviya National Institute of Technology, Jaipur, India, pp 163\u2013167","DOI":"10.1145\/2388576.2388600"},{"key":"2812_CR47","doi-asserted-by":"crossref","unstructured":"Deering S, Fenner W, Haberman B (1999) Multicast listener discovery (mld) for ipv6. Request for Comments 2710. https:\/\/tools.ietf.org\/html\/rfc2710.Last . Accessed 2016","DOI":"10.17487\/rfc2710"},{"issue":"8","key":"2812_CR48","doi-asserted-by":"crossref","first-page":"1887","DOI":"10.1166\/asl.2016.7744","volume":"22","author":"AM Aleesa","year":"2016","unstructured":"Aleesa AM, Hassan R, Kamal SUM (2016) A rule-based technique to detect router advertisement flooding attack against biobizz web application. Adv Sci Lett 22(8):1887\u20131891","journal-title":"Adv Sci Lett"},{"issue":"12","key":"2812_CR49","doi-asserted-by":"crossref","first-page":"3448","DOI":"10.1016\/j.comnet.2007.02.001","volume":"51","author":"A Patcha","year":"2007","unstructured":"Patcha A, Park J-M (2007) An overview of anomaly detection techniques: existing solutions and latest technological trends. Comput Netw 51(12):3448\u20133470","journal-title":"Comput Netw"},{"key":"2812_CR50","unstructured":"Yao L, Zhitang L, Shuyu L (2006) A fuzzy anomaly detection algorithm for ipv6. In: Presented at the semantics, knowledge and grid, 2006. Second International Conference on SKG\u201906. IEEE, United States, p 67"},{"key":"2812_CR51","doi-asserted-by":"crossref","first-page":"608","DOI":"10.1007\/978-3-642-02617-1_62","volume":"5576","author":"Z Liu","year":"2009","unstructured":"Liu Z, Lai Y (2009) A data mining framework for building intrusion detection models based on ipv6. Adv Inf Secur Assur 5576:608\u2013618","journal-title":"Adv Inf Secur Assur"},{"issue":"2","key":"2812_CR52","doi-asserted-by":"crossref","first-page":"168","DOI":"10.17485\/ijst\/2014\/v7i2.5","volume":"7","author":"RM Saad","year":"2014","unstructured":"Saad RM, Almomani A, Altaher A, Gupta B, Manickam S (2014) Icmpv6 flood attack detection using denfis algorithms. Indian J Sci Technol 7(2):168\u2013173","journal-title":"Indian J Sci Technol"},{"issue":"46","key":"2812_CR53","first-page":"399","volume":"14","author":"MA Zulkiflee","year":"2015","unstructured":"Zulkiflee MA, Ahmad MS, Sahib S, Ghani MA (2015) A framework of features selection for ipv6 network attacks detection. WSEAS Trans Commun 14(46):399\u2013408","journal-title":"WSEAS Trans Commun"},{"key":"2812_CR54","unstructured":"Salih A, Ma X, Peytchev E (2015) Detection and classification of covert channels in ipv6 using enhanced machine learning. In: Presented at the international conference on computer technology and information systems. ICCTIS DUBAI, UAE"},{"key":"2812_CR55","doi-asserted-by":"crossref","unstructured":"Liu Z, Lai Y (2009) A data mining framework for building intrusion detection models based on ipv6. In: Presented at the advances in information security and assurance, Seoul, Korea, Springer, 2009, Seoul, Korea, pp 608\u2013618","DOI":"10.1007\/978-3-642-02617-1_62"},{"issue":"8","key":"2812_CR56","doi-asserted-by":"crossref","first-page":"1434","DOI":"10.15866\/irecos.v9i8.2869","volume":"9","author":"M Zulkiflee","year":"2014","unstructured":"Zulkiflee M, Haniza N, Shahrin S, Ghani M (2014) A framework of ipv6 network attack dataset construction by using testbed environment. Int Rev Comput Softw (IRECOS) 9(8):1434\u20131441","journal-title":"Int Rev Comput Softw (IRECOS)"},{"key":"2812_CR57","unstructured":"O. I. S. Foundation (2010) Suricata intrusion detection system. http:\/\/suricata-ids.org\/ . Accessed 2015"},{"issue":"18","key":"2812_CR58","doi-asserted-by":"crossref","first-page":"3799","DOI":"10.1016\/j.ins.2007.03.025","volume":"177","author":"T Shon","year":"2007","unstructured":"Shon T, Moon J (2007) A hybrid machine learning approach to network anomaly detection. Inf Sci 177(18):3799\u20133821","journal-title":"Inf Sci"},{"key":"2812_CR59","unstructured":"Hu W, Liao Y, Vemuri VR (2003) Robust anomaly detection using support vector machines. In: Presented at the international conference on machine learning. Washington, DC, USA, pp 282\u2013289"},{"key":"2812_CR60","doi-asserted-by":"crossref","unstructured":"Sung AH, Mukkamala S (2003) Identifying important features for intrusion detection using support vector machines and neural networks. In: Presented at the applications and the internet, 2003. Proceedings. 2003 Symposium on, IEEE, pp 209\u2013216","DOI":"10.1109\/SAINT.2003.1183050"}],"container-title":["Neural Computing and Applications"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00521-016-2812-8\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00521-016-2812-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00521-016-2812-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,9,28]],"date-time":"2020-09-28T09:05:42Z","timestamp":1601283942000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00521-016-2812-8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,12,28]]},"references-count":60,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2018,7]]}},"alternative-id":["2812"],"URL":"https:\/\/doi.org\/10.1007\/s00521-016-2812-8","relation":{},"ISSN":["0941-0643","1433-3058"],"issn-type":[{"value":"0941-0643","type":"print"},{"value":"1433-3058","type":"electronic"}],"subject":[],"published":{"date-parts":[[2016,12,28]]}}}