An ICMP flood typically occurs when ICMP echo requests overload
its victim with so many requests that it expends all its
resources responding until it can no longer process valid network
traffic. With the ICMP flood protection feature enabled, and a
threshold set. If the threshold exceeded, the system invokes the
flood attack protection feature.
The default threshold value is 1000 packets per second. If the
threshold is exceeded, the security device ignores further
ICMP echo requests for the remainder of that second plus the
next second as well.
This attribute records the ICMP flood attack packets.