Malicious ICMP Tunneling: Defense against the Vulnerability
Abstract
This paper presents a systematic solution to the problem of ICMP tunneling being used for covert channels. ICMP is not multiplexed via port numbers, and the data part of the ICMP packet provides considerable bandwidth for malicious covert channels. These factors make it an integral part of many malicious software tools, such as remote access and denial of service attack tools, which use ICMP to establish covert communication channels. In this paper a stateless model is proposed to prevent ICMP tunneling. A Linux kernel module was implemented to demonstrate the proposed stateless solution. The module enforces a fixed payload policy for ICMP packets and virtually eliminates ICMP tunneling which arises due to the data carrying capability of ICMP. The performance impact on end hosts and routers due to the stateless monitoring model is described.
Similar resources
A survey of DDoS Service Attacks in Collaborative Intrusion Detection System
A DDoS (Distributed Denial-of-Service) attack is a distributed large-scale attempt by malicious users to flood the victim network with an enormous number of packets. This exhausts the victim network of resources such as bandwidth, computing power, etc., the victim is unable to provide services to its legitimate clients and network performance is greatly deteriorated. There are many proposed met...
Analysis of spatial vulnerability of threatened strategic urban centers from the point of view of passive defense (case study: Bojnurd city)
Background and objective: Safety and security against threats is one of the most basic principles in order to achieve the desired standards of urban comfort, and attention to the passive defense of cities against external threats has always been considered since the beginning of the formation of cities. Therefore, the purpose of this study is to provide management strategies to reduce the exist...
Spectrum Sensing Data Falsification Attack in Cognitive Radio Networks: An Analytical Model for Evaluation and Mitigation of Performance Degradation
Cognitive Radio (CR) networks enable dynamic spectrum access and can significantly improve spectral efficiency. Cooperative Spectrum Sensing (CSS) exploits the spatial diversity between CR users to increase sensing accuracy. However, in a realistic scenario, the trustworthiness of CSS is vulnerable to Spectrum Sensing Data Falsification (SSDF) attack. In an SSDF attack, some malicious CR users deli...
Wireless Network Behavior under ICMP Ping Flood DoS Attack and Mitigation Techniques
Internet Control Message Protocol (ICMP) is an error reporting and diagnostic utility and it is considered as a part of Internet Protocol (IP) suite. Although this protocol is very important for ensuring correct data distribution, it can be exploited by malicious users for conducting different Denial of Service (DoS) attacks. Due to the broadcast nature of wireless communication, exploitation o...
Spatial Organizing and Distribution of Gas Stations Following Urban Passive Defense Approach (Case Study: Gas Stations of Mashhad Metropolis)
Passive Defense is a set of civilian efforts performed to enhance deterrence, reduce vulnerability, sustain essential activities, promote national stability, and facilitate crisis management against military threats of an enemy. Since in battles, sensitive and critical areas of cities are of paramount importance, it is clear that in military aggressions, a large part of threats are focused on cit...
Publication date: 2003