Kernel-based machine learning intrusion detection systems for ICMPv6 DDoS detection

Abeer Abdullah Alsadhan, Noora Al Roken, Sam Ansari, Bilal Khan, Sadiq H. Abdulhussain, Abir Jaafar Hussain,
Kernel-based machine learning intrusion detection systems for ICMPv6 DDoS detection,
Results in Engineering,
Volume 28,
2025,
106940,
ISSN 2590-1230,
https://doi.org/10.1016/j.rineng.2025.106940.
(https://www.sciencedirect.com/science/article/pii/S2590123025029986)
Abstract: This study presents a novel intrusion detection framework that leverages flow-based representations of ICMPv6 traffic and kernel-based machine learning algorithms to enhance detection accuracy. The proposed system integrates three classifiers—support vector machine (SVM), random forest (RF), and logistic regression (LR)—with nine distinct kernel functions to construct a robust and adaptive detection architecture. Experimental evaluations, conducted on a purpose-built ICMPv6 flow dataset, reveal that the SVM model employing the radial basis function (RBF) kernel outperforms other configurations, achieving a detection accuracy of 92.67% and weighted precision and recall values of 93.00%. These findings underscore the efficacy of kernel-enhanced machine learning models in accurately identifying and mitigating ICMPv6-based DDoS attacks, and establish the proposed approach as a viable and high-performing solution for next-generation intrusion detection systems.
Keywords: Anomaly detection; Distributed denial of service; Internet protocol version 6; Intrusion detection systems; Kernel density estimator; Machine learning