• DocumentCode
    2381540
  • Title

    TCP SYN flood detection based on payload analysis

  • Author

    Haris, S.H.C. ; Ahmad, R.B. ; Ghani, M.A.H.A. ; Waleed, Ghossoon M.

  • Author_Institution
    Sch. of Comput. & Commun. Eng., Univ. Malaysia Perlis, Kangar, Malaysia
  • fYear
    2010
  • fDate
    13-14 Dec. 2010
  • Firstpage
    149
  • Lastpage
    153
  • Abstract
    Transmission Control Protocol (TCP) Synchronized (SYN) Flood has become a problem to the network management to defend the network server from being attacked by the malicious attackers. The malicious attackers can easily exploit the TCP three-way handshake by making the server exhausted and unavailable with spoofed Internet Protocol (IP) address. The main problem in this paper is how to detect TCP SYN flood through network. This paper used anomaly detection to detect TCP SYN flood attack based on payload and unusable area in Hypertext Transfer Protocol (HTTP). The results show that the proposed detection method can detect TCP SYN Flood in the network through the payload.
  • Keywords
    computer network management; computer network security; hypermedia; network servers; synchronisation; transport protocols; Internet protocol; SYN flood detection; TCP; anomaly detection; hypertext transfer protocol; malicious attackers; network management; network server; payload analysis; three-way handshake; transmission control protocol; HTTP; TCP Header; TCP SYN Flood; payload; unuseable area;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Research and Development (SCOReD), 2010 IEEE Student Conference on
  • Conference_Location
    Putrajaya
  • Print_ISBN
    978-1-4244-8647-2
  • Type

    conf

  • DOI
    10.1109/SCORED.2010.5703991
  • Filename
    5703991
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2381540