Title :
IDS Using Mitigation Rules Approach to Mitigate ICMP Attacks
Author :
Hadi, Adi Dewiyana Abdul ; Azmat, Farok H. J. ; Ali, Fakariah Hani Mohd
Author_Institution :
Fac. of Comput. & Math. Sci., Univ. Teknol. MARA, Shah Alam, Malaysia
Abstract :
The Internet Control Message Protocol (ICMP) attack is an example of a DDoS attack and regarded as an Internet menace that aims to deny service to legitimate users by violating the availability of resource in a system. A number of researches have been conducted to propose different methods of mitigating the attack but yet, the problem still arises. Thus, to improve the current mitigation solution, this study intents to proposethe Intrusion Detection System (IDS) with the mitigation rules approach to mitigate the ICMP attack. The mitigation rules are developed specifically to mitigate the ICMP attack and to suppress the number of false alarms. Project implementation is done using Snort, which is installed in the Linux platform. For evaluation purpose, testing is carried out with live private data in identical environment, with the default rules and the proposed mitigation rules enabled in the same LAN. Experimental result shows that deployment of mitigation rules is 63.95% efficient to mitigate the ICMP attack compared to the original Snort rules.
Keywords :
Internet; Linux; computer network security; local area networks; protocols; DDoS attack; ICMP attack mitigation; IDS; Internet control message protocol attack; LAN; Linux platform; Snort; intrusion detection system; mitigation rule approach; resource availability; Availability; Computer crime; IP networks; Protocols; Syntactics; Telecommunication traffic; Testing; DDoS Attack; ICMP Attack; IDS; Mitigation Rules;
Conference_Titel :
Advanced Computer Science Applications and Technologies (ACSAT), 2013 International Conference on
Conference_Location :
Kuching
DOI :
10.1109/ACSAT.2013.18
