Title :
A mechanism to defend SYN flooding attack based on network measurement system
Author :
Xiaofeng, Qiu ; Jihong, Hao ; Ming, Chen
Author_Institution :
Dept. of Comput., PLA Univ. of Sci. & Technol., Nanjing, China
fDate :
28 June-1 July 2004
Abstract :
SYN flooding attack is a common method employed in denial of service (DoS) and distributed denial of service (DDoS). It´s hard to maintain the effective defense merely by passive defense measures such as monitoring and filtering. To avoid influencing the legitimate service requests and stop attacks at the source, the attack-detection and service-protection must be combined with the trace of the attack source. Having studied and concluded the features of such attacks, we propose a few key metrics to judge if an attack is undergoing. In this paper, the based platform, network measurement system (NMS) is outlined first. Then the detection method is discussed in detail, focusing on the features of service-protection, attack-elimination, and how to trace back the attack source. Finally, we present the experiments of the defending mechanism and analyze their results.
Keywords :
IP networks; security of data; telecommunication security; IP traceback; SYN flooding attack defense; attack detection; attack elimination; attack source trace; distributed denial of service; network measurement system; service protection; Automation; Computer crime; Computer networks; Computerized monitoring; Distributed computing; Floods; Modems; Programmable logic arrays; Security; TCPIP;
Conference_Titel :
Information Technology: Research and Education, 2004. ITRE 2004. 2nd International Conference on
Print_ISBN :
0-7803-8625-6
DOI :
10.1109/ITRE.2004.1393677
