Abstract
The TCP/IP protocol suite has many vulnerabilities in the protocols themselves. In particular, ICMP is present in almost every TCP/IP-based network. As a result, many networks consider ICMP traffic to be benign and allow it to pass through unmolested, so attackers can tunnel any information they want through it as a covert channel. To detect an ICMP covert channel, we use a Support Vector Machine (SVM), which has excellent performance in pattern classification. Our experiments show that the proposed method can detect an ICMP covert channel among normal ICMP traffic using SVM.
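The sketch below is an added example, not the paper's code or data: it trains a small linear SVM to separate ordinary echo payloads from payloads carrying arbitrary data. The abstract does not name the features used, so the three payload features, the function names and all sample payloads (modeled on the filler bytes common ping implementations send) are assumptions.

```python
import base64, hashlib, math
from collections import Counter

def features(payload: bytes):
    """Echo payload -> [length/64, byte entropy/8, share of pairs with b[i+1] == b[i]+1]."""
    n = len(payload)
    ent = -sum(c / n * math.log2(c / n) for c in Counter(payload).values())
    seq = sum((a + 1) % 256 == b for a, b in zip(payload, payload[1:])) / max(n - 1, 1)
    return [n / 64, ent / 8, seq]

def train_linear_svm(X, y, lam=1e-3, eta=0.01, epochs=1000):
    """Soft-margin linear SVM fitted by subgradient descent on the hinge loss."""
    w, b = [0.0] * len(X[0]), 0.0
    for _ in range(epochs):
        for xi, yi in zip(X, y):
            violated = yi * (sum(wj * xj for wj, xj in zip(w, xi)) + b) < 1
            step = yi if violated else 0  # hinge subgradient is zero outside the margin
            w = [wj - eta * (lam * wj - step * xj) for wj, xj in zip(w, xi)]
            b += eta * step
    return w, b

def is_covert(model, payload: bytes) -> bool:
    w, b = model
    return sum(wj * xj for wj, xj in zip(w, features(payload))) + b > 0

# Constructed payloads below: not captured traffic and not the paper's data set.
def ping_linux(i):    # 16 timestamp-like bytes, then the incrementing 0x10..0x37 filler
    stamp = (1_060_000_000 + i).to_bytes(8, "little") + (i * 7919).to_bytes(8, "little")
    return stamp + bytes(range(0x10, 0x38))

def ping_windows(n):  # repeating a..w filler cut to n bytes
    return (b"abcdefghijklmnopqrstuvw" * 70)[:n]

def tunneled(i):      # stand-in for arbitrary tunneled data: digest bytes, raw or base64
    d = hashlib.sha256(b"constructed-%d" % i).digest()
    return d * 2 if i % 2 else base64.b64encode(d)

TRAIN = ([(ping_linux(i), -1) for i in range(4)] + [(ping_windows(n), -1) for n in (32, 64)]
         + [(tunneled(i), +1) for i in range(6)])
MODEL = train_linear_svm([features(p) for p, _ in TRAIN], [y for _, y in TRAIN])

if __name__ == "__main__":
    for name, p in [("linux ping", ping_linux(99)), ("windows ping", ping_windows(48)),
                    ("tunneled", tunneled(50)), ("tunneled", tunneled(51))]:
        print(f"{name:12s} covert={is_covert(MODEL, p)}")
```

With these constructed samples the classes separate mainly on the sequential-byte feature; a detector for production traffic would need training data from the monitored network and features that survive a sender who mimics the filler pattern.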
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Sohn, T., Noh, T., Moon, J. (2003). Support Vector Machine Based ICMP Covert Channel Attack Detection. In: Gorodetsky, V., Popyack, L., Skormin, V. (eds) Computer Network Security. MMM-ACNS 2003. Lecture Notes in Computer Science, vol 2776. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45215-7_46
DOI: https://doi.org/10.1007/978-3-540-45215-7_46
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40797-3
Online ISBN: 978-3-540-45215-7
eBook Packages: Springer Book Archive