Detection and Prevention of ICMP Flood DDOS Attack

Harshita

The term denial of Service (DOS) refers to form an attacking computers over a network. The denial of service attack is an explicit attempt by an attacker to prevent the legitimate users not to access the services. When this attack is made at a larger amount that is by using multiple computers than it’s known as Distributed   Denial of Service Attack (DDoS) [1]. An attacker can use many techniques for denial of service like flooding technique is to flood a network and reduce the legitimate user bandwidths to disrupt the services of the users. In DDoS attack, the attacker try to interrupt the services of a server and utilizes its CPU and Network. Flooding DDOS attack is based on a huge volume of attack traffic which is termed as a Flooding based DDOS attack. Flooding-based DDOS attack attempts to congest the victim's network bandwidth with real-looking but unwanted IP data. Due to which Legitimate IP packets cannot reach the victim because of lack of bandwidth resource [5]. ICMP FLOOD initiated by sending a large number of ICMP packets to a remote host. As a result, the victimized system’s resources will be consumed with handling the attacking packets, which eventually causes the system to be unreachable by other clients. In this reserach firstly, we detect the ICMP Flood by using various methods and tools and then find out the prevention techniques for DDOS attack using ICMP Protocol.