---

Author(s): Mugerwa Joseph, Ajaegbu Chigozirim, Oyerinde Emmanuel , Awodele Simon Olufikayo .

Volume/Issue: Volume 8, Issue 2 (2025)

Page No: 130-140

Journal: British Journal of Computer, Networking and Information Technology (BJCNIT)

---

Abstract:

Distributed Denial-of-Service (DDoS) attacks continue to pose a significant threat to the availability and reliability of online services. This paper presents a novel detection algorithm that leverages Message Authentication Code (MAC)-based verification of ICMP traffic to identify and block bandwidth-depleting DDoS attacks. Unlike threshold-based or machine learning-dependent techniques, the proposed algorithm uses IP and MAC address correlation to validate the legitimacy of packets, effectively filtering spoofed traffic in real time. The approach was implemented and tested using the NS-2 simulation environment. Results demonstrate an average detection accuracy of 88.89%, with zero false positives and negligible resource overhead. The proposed method offers a lightweight and effective solution suitable for deployment in edge and enterprise networks. This research contributes a simple yet robust technique to the existing portfolio of DDoS mitigation strategies.

Keywords:

DDoS detection, ICMP verification, MAC authentication, network security, bandwidth depletion, spoofed traffic.

No. of Downloads: 0