Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Mathematical Methods, Models, and Architectures for Computer Network Security

MMM-ACNS 2003: Computer Network Security pp 461–464Cite as

Support Vector Machine Based ICMP Covert Channel Attack Detection

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2776))

Abstract

TCP/IP protocol basically have much vulnerability in protocol itself. Specially, ICMP is ubiquitous to almost every TCP/IP based network. Thereupon, many networks consider ICMP traffic to be benign and will allow it to be passed through, unmolested. So, attackers can tunnel(covert channel) any information they want through it. To detect an ICMP covert channel, we use SVM which has excellent performance in pattern classification. Our experiments show that the proposed method can detect an ICMP covert channel among normal ICMP traffic using SVM.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. McHugh, J.: Covert Channel Analysis. Portland State University (1995)

    Google Scholar 

  2. Loki: ICMP Tunneling, daemon9. Pharack Magazine 6(49)

    Google Scholar 

  3. Vapnik, V.: The Nature of Statistical Learning Theory. Springer, Heidelberg (1995)

    MATH  Google Scholar 

  4. Bellovin, S.M.: Security Problems in the TCP/IP protocol suite. Computer Communication Reviews 19(2), 32–48 (1989)

    Article  Google Scholar 

  5. Mukkamala, S., Janowski, G.: Intrusion Detection Using Neural Networks and Support Vector Machines. In: Proceedings of IEEE IJCNN, pp. 1702–1707 (May 2002)

    Google Scholar 

  6. Joachmims, T.: mySVM - a Support Vector Machine. Univerity Dortmund

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Center for Information Security Technologies, Korea University, Seoul, Korea

    Taeshik Sohn, Taewoo Noh & Jongsub Moon

Authors
  1. Taeshik Sohn
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Taewoo Noh
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jongsub Moon
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. St. Petersburg Intitute for Informaticsand Automation, 39, 14-th Liniya, 199178, St. Petersburg, Russia

    Vladimir Gorodetsky

  2. AFRL/IF, 525 Brooks Rd., 13441-4505, Rome, NY, USA

    Leonard Popyack

  3. US Air Force, Binghamton University (SUNYI), 13902, Binghamton, NY, USA

    Victor Skormin

Rights and permissions

Reprints and permissions

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Sohn, T., Noh, T., Moon, J. (2003). Support Vector Machine Based ICMP Covert Channel Attack Detection. In: Gorodetsky, V., Popyack, L., Skormin, V. (eds) Computer Network Security. MMM-ACNS 2003. Lecture Notes in Computer Science, vol 2776. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45215-7_46

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-45215-7_46

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-40797-3

  • Online ISBN: 978-3-540-45215-7

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation