SecureDAD: Real-Time Intelligent IPv6 DAD Attack Detection & Mitigation
Abstract
SecureDAD is an advanced IPv6 network security system which may prevent spoofing attacks before they disrupt communication services. It detects malicious Neighbor Discovery behavior at an early stage by examining live packet traffic captured from networks. We used artificial intelligence instead of conventional monitoring methods, which are often slow and inaccurate. We used two highly effective methods, Random Forest and anomaly scoring, to understand suspicious patterns in IPv6 packets and classify whether traffic is normal or malicious. The dashboard allows simple web-based use of the system. It also provides graphs that depict performance and outcomes. The technique will enable administrators to detect attacks promptly and with high assurance in low-resource environments.