@hal.littel
One way to detect a ping flood attack in Java is to monitor the number of ICMP packets being sent to a particular host within a certain time period. A sudden and large increase in the number of ICMP packets can indicate a ping flood attack.
Here is an example code snippet in Java using the Apache Commons Net library to detect a ping flood attack based on the number of ICMP packets being sent:
```java
import org.apache.commons.net.util.SubnetUtils;

import java.io.IOException;
import java.net.InetAddress;
import java.util.concurrent.atomic.AtomicInteger;

public class PingFloodDetector {
    // Shared count of successful pings across all worker threads
    private static final AtomicInteger icmpCount = new AtomicInteger(0);
    private static final int THRESHOLD = 100; // Set the threshold value for detecting ping flood attacks

    public static void main(String[] args) {
        try {
            SubnetUtils subnetUtils = new SubnetUtils("192.168.1.0/24");
            String[] allIps = subnetUtils.getInfo().getAllAddresses();
            // Start one pinging thread per address in the subnet
            for (String ip : allIps) {
                new Thread(() -> {
                    try {
                        ping(ip);
                    } catch (IOException e) {
                        e.printStackTrace();
                    } catch (InterruptedException e) {
                        // Restore the interrupt flag and let the thread exit
                        Thread.currentThread().interrupt();
                    }
                }).start();
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    private static void ping(String ip) throws IOException, InterruptedException {
        InetAddress address = InetAddress.getByName(ip);
        while (true) {
            // "-n 1" sends a single echo request on Windows; use "-c 1" on Linux/macOS
            Process p1 = new ProcessBuilder("ping", "-n", "1", address.getHostAddress()).start();
            int returnVal = p1.waitFor();
            if (returnVal == 0) { // exit code 0: ping reported success
                System.out.println("Ping successful to: " + address.getHostAddress());
                if (icmpCount.incrementAndGet() > THRESHOLD) {
                    System.out.println("Possible ping flood attack detected!");
                    // Take appropriate action here
                }
            }
        }
    }
}
```
In this code snippet, we are creating multiple threads to send ICMP ping requests to each IP address in a subnet. We monitor the number of successful ICMP ping requests and increment a counter. If the counter exceeds a predefined threshold, we print a message indicating a possible ping flood attack.
Please note that this is just a basic example and may need to be customized based on your specific requirements and the nature of the ping flood attack you are trying to detect. Additionally, it is important to set appropriate permissions and handle exceptions properly when working with network-related operations in Java.
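The time-window counting described in the first paragraph, as an added example that is not part of the original post: a sliding-window counter of inbound ICMP echo requests per destination host. The class name `IcmpRateMonitor`, the 1-second window, and the sample traffic are assumptions made for illustration; the timestamps are assumed to be supplied by a packet-capture source.

```java
import java.util.ArrayDeque;
import java.util.Deque;
import java.util.HashMap;
import java.util.Map;

// Hypothetical helper (not from the original post): flags a destination host
// when it receives more than `threshold` echo requests within `windowMillis`.
public class IcmpRateMonitor {
    private final int threshold;
    private final long windowMillis;
    // Per-destination timestamps of echo requests still inside the window.
    private final Map<String, Deque<Long>> seen = new HashMap<>();

    public IcmpRateMonitor(int threshold, long windowMillis) {
        this.threshold = threshold;
        this.windowMillis = windowMillis;
    }

    /** Records one inbound echo request; returns true if dstHost is over the threshold. */
    public boolean record(String dstHost, long timestampMillis) {
        Deque<Long> times = seen.computeIfAbsent(dstHost, k -> new ArrayDeque<>());
        times.addLast(timestampMillis);
        // Evict entries older than the window so the count reflects rate, not lifetime total.
        while (!times.isEmpty() && timestampMillis - times.peekFirst() >= windowMillis) {
            times.removeFirst();
        }
        return times.size() > threshold;
    }

    public static void main(String[] args) {
        IcmpRateMonitor monitor = new IcmpRateMonitor(100, 1000);
        String host = "192.168.1.10"; // constructed sample destination

        // Constructed baseline: one echo request per second for five minutes.
        boolean baselineAlert = false;
        for (int i = 0; i < 300; i++) {
            baselineAlert |= monitor.record(host, i * 1000L);
        }
        System.out.println("Baseline alert raised: " + baselineAlert);

        // Constructed burst: 500 echo requests arriving 1 ms apart.
        long start = 300_000L;
        for (int i = 0; i < 500; i++) {
            if (monitor.record(host, start + i)) {
                System.out.println("Possible ping flood against " + host + " at t=" + (start + i) + " ms");
                break;
            }
        }
    }
}
```

Because old timestamps are evicted, steady background pings never accumulate toward the threshold; only a burst inside one window raises the alert.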