• DocumentCode
    2021824
  • Title

    A More Accurate Scheme to Detect SYN Flood Attacks

  • Author

    Sun, Changhua ; Hu, Chengchen ; Zhou, Yachao ; Xiao, Xin ; Liu, Bin

  • Author_Institution
    Dept. of Comput. Sci. & Technol., Tsinghua Univ., Beijing
  • fYear
    2009
  • fDate
    19-25 April 2009
  • Firstpage
    1
  • Lastpage
    2
  • Abstract
    We propose to use the SYN/ACK-CliACK pair´s behavior to detect the various SYN flood attacks more accurately. The SYN/ACK packets carry the full information of the TCP connections and it is impossible for the attacker to evade the detection by spoofing the control packets. Moreover, we use a space efficient data structure, counting Bloom filter, to recognize the CliACK packet and the memory cost is 2 MB even for 10 Gbps link speeds. We need to fully compare our scheme with the existing detection mechanisms in future.
  • Keywords
    data structures; security of data; SYN flood attacks; counting Bloom filter; data structure; detection mechanisms; Bandwidth; Computer crime; Computer science; Floods; Internet; Network servers; Protection; Routing protocols; Sun; TCPIP;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    INFOCOM Workshops 2009, IEEE
  • Conference_Location
    Rio de Janeiro
  • Print_ISBN
    978-1-4244-3968-3
  • Type

    conf

  • DOI
    10.1109/INFCOMW.2009.5072099
  • Filename
    5072099
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2021824