Title :
Detecting TCP SYN Flood Attack Based on Anomaly Detection
Author :
Haris, S.H.C. ; Ahmad, R.B. ; Ghani, M.A.H.A.
Author_Institution :
Sch. of Comput. & Commun. Eng., Univ. Malaysia Perlis, Kangar, Malaysia
Abstract :
Transmission Control Protocol (TCP) Synchronized (SYN) Flood has become a problem for network management in defending network servers against malicious attackers. Attackers can easily exploit the TCP three-way handshake to exhaust the server and make it unavailable. The main problem addressed in this paper is how to detect a TCP SYN flood in the network. This paper uses anomaly detection to detect TCP SYN flood attacks based on the payload and unusable area. The results show that the proposed detection method can detect TCP SYN Flood in the network through the payload.
Keywords :
computer network management; computer network security; invasive software; network servers; transport protocols; SYN flood attack; TCP; anomaly detection; malicious attackers; network management; network server; synchronized flood; three-way handshake; transmission control protocol; Filtering; Floods; IP networks; Monitoring; Payloads; Protocols; Servers; Anomaly Detection; IP Header; Payload; TCP Header; TCP SYN Flood;
Conference_Title :
Network Applications Protocols and Services (NETAPPS), 2010 Second International Conference on
Conference_Location :
Kedah
Print_ISBN :
978-1-4244-8048-7
Electronic_ISBN :
978-0-7695-4177-8
DOI :
10.1109/NETAPPS.2010.50