On the Security and Vulnerability of PING

We present a formal specification of the PING protocol, and use three concepts of convergence theory, namely closure, convergence, and protection, to show that this protocol is secure against weak adversaries (and insecure against strong ones). We then argue that despite the security of PING against weak adversaries, the natural vulnerability of this protocol (or of any other protocol for that matter) can be exploited by a weak adversary to launch a denial of service attack against any computer that hosts the protocol. Finally, we discuss three mechanisms, namely ingress filtering, hop integrity, and soft firewalls that can be used to prevent denial of service attacks in the Internet.