Abstract
We present a formal specification of the PING protocol, and use three concepts of convergence theory, namely closure, convergence, and protection, to show that this protocol is secure against weak adversaries (and insecure against strong ones). We then argue that despite the security of PING against weak adversaries, the natural vulnerability of this protocol (or of any other protocol for that matter) can be exploited by a weak adversary to launch a denial of service attack against any computer that hosts the protocol. Finally, we discuss three mechanisms, namely ingress filtering, hop integrity, and soft firewalls that can be used to prevent denial of service attacks in the Internet.
This work is supported in part by DARPA contract F33615-01-C-1901.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Arora, A., Gouda, M.G.: Closure and convergence: A foundation for fault-tolerant computing. IEEE Transactions on Software Engineering, Vol. 19, No. 3 (1993) 1015–1027
Cheswick, W.R., Bellovin, S.M.: Firewalls and Internet Security. 1st edn. Addison-Wesley Publishing Co., Reading, Massachusetts (1994)
CERT Advisory: Smurf IP Denial-of-Service Attacks. CERT Advisory CA-1998-01, http://www.cert.org/ (1998)
Ferguson, P., Senie, D.: Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing. RFC 2267 (1998)
Dolev, S.: Self-Stabilization. 1st edn. MIT Press, Cambridge Massachusetts (2000)
Gouda, M.G.: Elements of Network Protocol Design. 1st edn. John Wiley & Sons, New York, New York (1998)
Gouda, M.G.: Elements of security: Closure, convergence, and protection. Information Processing Letters, Vol. 77, Nos. 2-4 (2001) 109–114
Gouda, M.G., Elnozahy, E.N., Huang, C.-T., McGuire, T.M.: Hop Integrity in Computer Networks. Proceedings of the 8th IEEE International Conference on Network Protocols (2000) 3–11
Postel, J.: Internet Control Message Protocol. RFC 792 (1981)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gouda, M.G., Huang, CT., Arora, A. (2001). On the Security and Vulnerability of PING. In: Datta, A.K., Herman, T. (eds) Self-Stabilizing Systems. WSS 2001. Lecture Notes in Computer Science, vol 2194. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45438-1_9
Download citation
DOI: https://doi.org/10.1007/3-540-45438-1_9
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42653-0
Online ISBN: 978-3-540-45438-0
eBook Packages: Springer Book Archive