A More Accurate Scheme to Detect SYN Flood Attacks
作者: Changhua Sun , Chengchen Hu , Yachao Zhou , Xin Xiao , Bin Liu
DOI: 10.1109/INFCOMW.2009.5072099
关键词:
摘要: We propose to use the SYN/ACK-CliACK pair's behavior detect various SYN flood attacks more accurately. The SYN/ACK packets carry full information of TCP connections and it is impossible for attacker evade detection by spoofing control packets. Moreover, we a space efficient data structure, counting Bloom filter, recognize CliACK packet memory cost 2 MB even 10 Gbps link speeds. need fully compare our scheme with existing mechanisms in future.
sci-hub.se 参考文章(6)
Wesley M. Eddy, TCP SYN Flooding Attacks and Common Mitigations RFC. ,vol. 4987, pp. 1- 19 ,(2007)
Andrei Broder, Michael Mitzenmacher, Network Applications of Bloom Filters: A Survey Internet Mathematics. ,vol. 1, pp. 485- 509 ,(2004) , 10.1080/15427951.2004.10129096
Changhua Sun, Jindou Fan, Bin Liu, A Robust Scheme to Detect SYN Flooding Attacks international conference on communications. pp. 397- 401 ,(2007) , 10.1109/CHINACOM.2007.4469411
Ramana Rao Kompella, Sumeet Singh, George Varghese, On scalable attack detection in the network IEEE ACM Transactions on Networking. ,vol. 15, pp. 14- 25 ,(2007) , 10.1109/TNET.2006.890115
Haining Wang, Danlu Zhang, Kang G. Shin, Detecting SYN flooding attacks international conference on computer communications. ,vol. 3, pp. 1530- 1539 ,(2002) , 10.1109/INFCOM.2002.1019404
Wei Chen, Dit-Yan Yeung, Defending Against TCP SYN Flooding Attacks Under Different Types of IP Spoofing international conference on networking. ,vol. 2006, pp. 38- 38 ,(2006) , 10.1109/ICNICONSMCL.2006.72