An improved algorithm for detecting SYN flooding attacks based on network processor

Author

Fu, Yuli ; Lai, Yune

Author_Institution

Sch. of Electron. & Inf. Eng., South China Univ. of Technol., Guangzhou, China

fYear

2010

Firstpage

Lastpage

Abstract

This paper presents an improved algorithm for detecting the SYN flooding attacks. The algorithm is based on the characteristics of the network processor IXP2850´s hardware and software framework. It improves the typical method that is based on checking the received SYN segments twice from the same source. The improved algorithm will label the segments first, and then verify them to determine whether an attack happens. By this algorithm, the false alarm rate will decrease and the valid defense measures will be done at the right moment.

Keywords

authorisation; computer network security; microprocessor chips; IXP2850; SYN flooding attack; denial of service attack; network processor; Classification algorithms; Floods; Hardware; IP networks; Protocols; Random access memory; Servers; IXP2850; SYN flooding Attacks; same source SYN pagements;

fLanguage

English

Publisher

ieee

Conference_Titel

Anti-Counterfeiting Security and Identification in Communication (ASID), 2010 International Conference on

Conference_Location

Chengdu

Print_ISBN

978-1-4244-6731-0

Type

conf

DOI

10.1109/ICASID.2010.5551843

Filename

5551843

Link To Document

https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1626044