Title :
Source Detection of SYN Flooding Attacks
Author :
Bellaïche, Martine ; Grégoire, Jean-Charles
Author_Institution :
Ecole Polytech. de Montreal, Montreal, QC, Canada
Abstract :
We present an original approach to detect sources that participate in a SYN flooding attacks by monitoring unusual handshake sequences. To protect the victim, it is better to detect the attacker early and as closely to the source as possible. Such a solution prevents waste of resources by restricting harmful- and useless-traffic across the network. Our source detection system uses an entropy measure to detect changes in the balance of TCP handshakes. Experimental results show that our method can indeed detect the sources of SYN flooding attacks in timely fashion.
Keywords :
security of data; telecommunication traffic; transport protocols; SYN flooding attacks; TCP handshakes; entropy; network traffic; source detection; unusual handshake sequences monitoring; Computer crime; Data security; Entropy; Floods; Monitoring; Protection; Protocols; TCPIP; Web and internet services; Web server;
Conference_Titel :
Network and Service Security, 2009. N2S '09. International Conference on
Conference_Location :
Paris
Print_ISBN :
978-2-9532-4431-1
