StandardDraft

CAPEC-487ICMP Flood

Abstraction
Standard
Status
Draft

Description

An adversary may execute a flooding attack using the ICMP protocol with the intent to deny legitimate users access to a service by consuming the available network bandwidth. A typical attack involves a victim server receiving ICMP packets at a high rate from a wide range of source addresses. Additionally, due to the session-less nature of the ICMP protocol, the source of a packet is easily spoofed making it difficult to find the source of the attack.

Related weaknesses· 1

CWE-770

Related attack patterns· 1

CAPEC-125 (ChildOf)

Exploits1

TypeTargetConfidenceTier
WeaknessAllocation of Resources Without Limits or Throttlingcwe-770100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
UDP Flood
CAPEC
HTTP Flood
CAPEC
TCP Flood
CAPEC
ICMP Fragmentation
CAPEC
Flooding
CAPEC
Traffic Injection
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.