Title :
A More Accurate Scheme to Detect SYN Flood Attacks
Author :
Sun, Changhua ; Hu, Chengchen ; Zhou, Yachao ; Xiao, Xin ; Liu, Bin
Author_Institution :
Dept. of Comput. Sci. & Technol., Tsinghua Univ., Beijing
Abstract :
We propose to use the SYN/ACK-CliACK pair´s behavior to detect the various SYN flood attacks more accurately. The SYN/ACK packets carry the full information of the TCP connections and it is impossible for the attacker to evade the detection by spoofing the control packets. Moreover, we use a space efficient data structure, counting Bloom filter, to recognize the CliACK packet and the memory cost is 2 MB even for 10 Gbps link speeds. We need to fully compare our scheme with the existing detection mechanisms in future.
Keywords :
data structures; security of data; SYN flood attacks; counting Bloom filter; data structure; detection mechanisms; Bandwidth; Computer crime; Computer science; Floods; Internet; Network servers; Protection; Routing protocols; Sun; TCPIP;
Conference_Titel :
INFOCOM Workshops 2009, IEEE
Conference_Location :
Rio de Janeiro
Print_ISBN :
978-1-4244-3968-3
DOI :
10.1109/INFCOMW.2009.5072099
