Defending Against TCP SYN Flooding Attacks Under Different Types of IP Spoofing

Authors: Wei Chen, Dit-Yan Yeung

DOI: 10.1109/ICNICONSMCL.2006.72

Keywords:

Abstract: TCP-based flooding attacks are a common form of Distributed Denial-of-Service (DDoS) which abuse network resources and can bring about serious threats to the Internet. Incorporating IP spoofing makes it even more difficult to defend against such attacks. Among different techniques, include random spoofing, subnet fixed is most type fight against. In this paper, we propose simple efficient method detect TCP SYN under types, including spoofing. The use storage-efficient data structure change-point detection distinguish complete three-way handshakes from incomplete ones. Simulation experiments consistently show that our both efficient effective in defending types.
