• DocumentCode
    3378421
  • Title

    A novel SYN Cookie method for TCP layer DDoS attack

  • Author

    Bo Hang ; Hu, Ruimin

  • Author_Institution
    Math. & Comput. Sci. Coll., Xiangfan Univ., Xiangfan, China
  • fYear
    2009
  • fDate
    13-14 Dec. 2009
  • Firstpage
    445
  • Lastpage
    448
  • Abstract
    With the development of network, the issues of network security are rapidly becoming a serious problem, and the Denial of Service (DoS) attack has already become the greatest threat to the network. SYN Flood attack is one of the most common distributed denial of service attack way (DDoS). This paper presents an improved SYN Cookie method, designing a novel attack detector processing and a enhanced attack respondor with a new cookie verification algorithm and changing the definition of cookie field, to reduce algorithm complexity with the ensurance of security. The experiment results show that the proposed method provided an average computational complexity reduction of 30% compared with the traditional method. The new method can be an effective defense against the TCP SYN Flood attack with a lower complexity.
  • Keywords
    computer network security; transport protocols; SYN Cookie method; TCP layer DDoS attack; attack detector processing; cookie verification algorithm; distributed denial of service attack; network security; Biomedical engineering; Computer crime; Computer networks; Computer science; Educational institutions; Floods; Large-scale systems; Mathematics; Network servers; Protocols; DDoS; SYN Cookie; SYN Flood;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    BioMedical Information Engineering, 2009. FBIE 2009. International Conference on Future
  • Conference_Location
    Sanya
  • Print_ISBN
    978-1-4244-4690-2
  • Electronic_ISBN
    978-1-4244-4692-6
  • Type

    conf

  • DOI
    10.1109/FBIE.2009.5405818
  • Filename
    5405818
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3378421