Title :
SYN Flooding Attack Detection Based on Entropy Computing
Author :
Bellaiche, Martine ; Grégoir, Jean-Charles
Author_Institution :
Genie Inf. et Genie Logiciel, Ecole Polytech. de Montreal, Montreal, QC, Canada
Abstract :
We present an original approach to detect SYN flooding attacks from the victim´s side, by monitoring unusual handshake sequences. Detection is done in real-time to allow quick protection and help guarantee a proper defence. Our detection system uses an entropy measure to detect changes in the balance of TCP handshakes. Experiment results show that our method can detect SYN flooding attacks with better accuracy and robustness than traditional stateless methods, and with manageable overhead.
Keywords :
Internet; entropy; security of data; transport protocols; SYN flooding attack detection; TCP handshakes; entropy computing; Computer crime; Data security; Entropy; Face detection; Floods; Monitoring; Protection; Protocols; Robustness; Web and internet services;
Conference_Titel :
Global Telecommunications Conference, 2009. GLOBECOM 2009. IEEE
Conference_Location :
Honolulu, HI
Print_ISBN :
978-1-4244-4148-8
DOI :
10.1109/GLOCOM.2009.5425454
