Enhanced Techniques For Detection And Classification Of Neighbor Discovery Protocol Anomalies
Kajian ini membentangkan penyelesaian, yang dikenali sebagai "Pemantauan Protokol Penemuan Tetangga Pintar (INDPMon)", berfungsi untuk meningkatkan tahap keselamatan rangkaian IPv6, dengan mengekalkan pengawasan yang berterusan berkenaan insiden Protokol Penemuan Tetangga (NDP), kelemah...
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2016
|
| Subjects: | |
| Online Access: | http://eprints.usm.my/32153/ http://eprints.usm.my/32153/1/FIRAS_%28M.H.%29_S._NAJJAR_24%28NN%29.pdf |
| _version_ | 1848876745882599424 |
|---|---|
| author | Firas (M.H.) S., Najjar |
| author_facet | Firas (M.H.) S., Najjar |
| author_sort | Firas (M.H.) S., Najjar |
| building | USM Institutional Repository |
| collection | Online Access |
| description | Kajian ini membentangkan penyelesaian, yang dikenali sebagai "Pemantauan Protokol
Penemuan Tetangga Pintar (INDPMon)", berfungsi untuk meningkatkan tahap keselamatan
rangkaian IPv6, dengan mengekalkan pengawasan yang berterusan berkenaan insiden Protokol
Penemuan Tetangga (NDP), kelemahan, dan kemungkinan serangan dalam membantu keputusan
pengurusan risiko organisasi. INDPMon menggunakan pendekatan analisis rangkaian
untuk memantau paket lapisan rangkaian, dan menggunakan kaedah protokol stateful untuk
menggambarkan anomali protokol dengan tepat. Mesin keadaan terhingga terluas digunakan
untuk memahami dan menganalisis tingkah laku dinamik protokol supaya sebarang peristiwa
pelanggaran yang menyebabkan anomali NDP dapat dispesifikasi. Peristiwa yang paling diskriminatif
dipilih untuk menentukan ciri-ciri set NDP yang akan digunakan untuk menggambarkan
kelakuan NDP. Tapak ujian telah digunakan untuk menjana set data NDP dan proses
awal prosedur dilakukan kepada set data NDP yang dijana bagi tujuan optimasi. Set data NDP
bersama-sama ciri-ciri set NDP digunakan untuk membuat set data perwakilan ciri-ciri NDP
yang merupakan tulang belakang INDPMon untuk ramalan dan klasifikasi keputusan. Buat
masa ini, alat pemantauan NDP, yang dikenali sebagai NDPMon, adalah penyelesaian yang
biasa dinamakan untuk memantau NDP.
This research presents enhanced solution, called " Intelligent Neighbor Discovery Protocol
Monitoring (INDPMon)", for improving the security of IPv6 networks by maintaining
constant awareness of Neighbor Discovery Protocol (NDP) incidents, vulnerabilities, and attacks
to support organizational risk management decisions. INDPMon adapts a network analysis
approach to monitor network layer packets, and utilizes a stateful protocol methodology
to precisely describe the protocol anomalies. Extended Finite State Machine is used to understand
and analyze the dynamic behavior of the protocol in order to specify the violation events
that cause NDP anomalies. The most discriminative events are selected to define the NDP features
set which used to characterize the NDP behavior. Testbed has been used to generate NDP
dataset and preprocessing procedures are applied to the generated NDP dataset for optimization.
NDP dataset along with NDP features set are used to create a representative NDP features
dataset which is the backbone of INDPMon for prediction and classifications decisions. Currently,
NDP monitoring tool, called (NDPMon), is the commonly cited solution for monitoring
NDP.
|
| first_indexed | 2025-11-15T17:04:26Z |
| format | Thesis |
| id | usm-32153 |
| institution | Universiti Sains Malaysia |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-15T17:04:26Z |
| publishDate | 2016 |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | usm-321532019-04-12T05:25:15Z http://eprints.usm.my/32153/ Enhanced Techniques For Detection And Classification Of Neighbor Discovery Protocol Anomalies Firas (M.H.) S., Najjar QA75.5-76.95 Electronic computers. Computer science Kajian ini membentangkan penyelesaian, yang dikenali sebagai "Pemantauan Protokol Penemuan Tetangga Pintar (INDPMon)", berfungsi untuk meningkatkan tahap keselamatan rangkaian IPv6, dengan mengekalkan pengawasan yang berterusan berkenaan insiden Protokol Penemuan Tetangga (NDP), kelemahan, dan kemungkinan serangan dalam membantu keputusan pengurusan risiko organisasi. INDPMon menggunakan pendekatan analisis rangkaian untuk memantau paket lapisan rangkaian, dan menggunakan kaedah protokol stateful untuk menggambarkan anomali protokol dengan tepat. Mesin keadaan terhingga terluas digunakan untuk memahami dan menganalisis tingkah laku dinamik protokol supaya sebarang peristiwa pelanggaran yang menyebabkan anomali NDP dapat dispesifikasi. Peristiwa yang paling diskriminatif dipilih untuk menentukan ciri-ciri set NDP yang akan digunakan untuk menggambarkan kelakuan NDP. Tapak ujian telah digunakan untuk menjana set data NDP dan proses awal prosedur dilakukan kepada set data NDP yang dijana bagi tujuan optimasi. Set data NDP bersama-sama ciri-ciri set NDP digunakan untuk membuat set data perwakilan ciri-ciri NDP yang merupakan tulang belakang INDPMon untuk ramalan dan klasifikasi keputusan. Buat masa ini, alat pemantauan NDP, yang dikenali sebagai NDPMon, adalah penyelesaian yang biasa dinamakan untuk memantau NDP. This research presents enhanced solution, called " Intelligent Neighbor Discovery Protocol Monitoring (INDPMon)", for improving the security of IPv6 networks by maintaining constant awareness of Neighbor Discovery Protocol (NDP) incidents, vulnerabilities, and attacks to support organizational risk management decisions. INDPMon adapts a network analysis approach to monitor network layer packets, and utilizes a stateful protocol methodology to precisely describe the protocol anomalies. Extended Finite State Machine is used to understand and analyze the dynamic behavior of the protocol in order to specify the violation events that cause NDP anomalies. The most discriminative events are selected to define the NDP features set which used to characterize the NDP behavior. Testbed has been used to generate NDP dataset and preprocessing procedures are applied to the generated NDP dataset for optimization. NDP dataset along with NDP features set are used to create a representative NDP features dataset which is the backbone of INDPMon for prediction and classifications decisions. Currently, NDP monitoring tool, called (NDPMon), is the commonly cited solution for monitoring NDP. 2016-08 Thesis NonPeerReviewed application/pdf en http://eprints.usm.my/32153/1/FIRAS_%28M.H.%29_S._NAJJAR_24%28NN%29.pdf Firas (M.H.) S., Najjar (2016) Enhanced Techniques For Detection And Classification Of Neighbor Discovery Protocol Anomalies. PhD thesis, Universiti Sains Malaysia. |
| spellingShingle | QA75.5-76.95 Electronic computers. Computer science Firas (M.H.) S., Najjar Enhanced Techniques For Detection And Classification Of Neighbor Discovery Protocol Anomalies |
| title | Enhanced Techniques For Detection And Classification Of Neighbor Discovery Protocol Anomalies |
| title_full | Enhanced Techniques For Detection And Classification Of Neighbor Discovery Protocol Anomalies |
| title_fullStr | Enhanced Techniques For Detection And Classification Of Neighbor Discovery Protocol Anomalies |
| title_full_unstemmed | Enhanced Techniques For Detection And Classification Of Neighbor Discovery Protocol Anomalies |
| title_short | Enhanced Techniques For Detection And Classification Of Neighbor Discovery Protocol Anomalies |
| title_sort | enhanced techniques for detection and classification of neighbor discovery protocol anomalies |
| topic | QA75.5-76.95 Electronic computers. Computer science |
| url | http://eprints.usm.my/32153/ http://eprints.usm.my/32153/1/FIRAS_%28M.H.%29_S._NAJJAR_24%28NN%29.pdf |