An Active Detection Mechanism for Detecting ICMP Based Attacks

In recent years, the number of attacks in computer networks are constantly increasing due to the lack of proper authentication of communicating entities in the network. TCP/IP layering architecture is prone to various threats due to the vulnerabilities in each of its layers. This mandates the requirement for a suitable detection system in the network to monitor the possible attacks. ICMP is a mandatory protocol which provides the error reporting, control and network management functionalities to the Internet Protocol (IP). Many of the attacks in the network like MiTM and DoS can be initiated with the exploitation of this essential protocols. In this paper, an active detection mechanism to identify many ICMP Error messages based attacks is proposed. The ICMP messages are verified by sending suitable probe packets to the hosts and validating their responses. The detection scheme is successfully validated in a testbed with various attack scenarios and the results show the effectiveness of the proposed technique in terms of greater accuracy in the detection rates.