1. UKM Learning and Research Repository
  2. Master Thesis / Tesis Master
  3. Faculty of Information Science and Technology / Fakulti Teknologi dan Sains Maklumat
Please use this identifier to cite or link to this item: https://ptsldigital.ukm.my/jspui/handle/123456789/476445
Title: A rule-based technique to detect router advertisement flooding attack against web applications
Authors: Ahmed Marwan Idrees Aleesa (P74167)
Supervisor: Rosilah Hassan, Assoc. Prof. Dr.
Keywords: Flooding attack
Web applications
Distributed Denial of Service
Router advertisement
Universiti Kebangsaan Malaysia -- Dissertations
Issue Date: 1-Jun-2016
Description: Distributed Denial of Service (DDoS) attacks is rapidly becoming a popular attack vector used by hackers and hack activist. With the spread of botnets, there has been a massive increase of DDoS attacks on more and more organizationa. The Router Advertisement (RA) flooding attack is considered as a manjor threat to Internet Protocol version 6 (IPv^) networks due to the deliberate intent of attackers to make the vital resources powerless for legitimate users. Different attacks have been performed against IPv6 networks. RA flooding is one of these attacks that aim to exhaust all nodes resources for instance the CPU and memory that attached to routers on the same link. The majority of existing approaches for detecting DDoS flooding attacks are designed to detect IPv4 flooding attack for this the IPv6 DDos can easily bypass these approaches. Moreover, the existing approaches for detecting IPv6 DDos suffer from low accuracy detection and high false positive due to firstly based on signature of attack rather than the attack behaviour which lead to inability of detecting zero day's attacks. Secondly the behaviour based approaches are using a simple heuristic rules to detect IPv6 DDos attacks. The main aim of this research is to develop technique the capable of detecting DDos RA flooding attack against web application. The proposed technique based on Principal Component Analysis (PCA) and rule based mechanism. PCA is employed to select the most important features that can be contributed in detecting DDos RA flooding while the rule based mechanism is used to RA flooding attacks based on the selected feature by PCA. The proposed approach is evaluated using simulated result obtained from Graphical Network simulation 3 (GNS3). the evaluation result shows that the proposed approach has the ability to detect RA flooding attack against web application with a better accuracy compared to the existing technique.,Certification of Master's/Doctoral Thesis" is not available
Pages: 124
Publisher: UKM, Bangi
Appears in Collections:Faculty of Information Science and Technology / Fakulti Teknologi dan Sains Maklumat

Files in This Item:
File Description SizeFormat 
ukmvital_86190+SOURCE1+SOURCE1.0.PDF
  Restricted Access		455.89 kBAdobe PDFThumbnail
View/Open
Show full item record Recommend this item


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.