Title :
TCP SYN flood detection based on payload analysis
Author :
Haris, S.H.C. ; Ahmad, R.B. ; Ghani, M.A.H.A. ; Waleed, Ghossoon M.
Author_Institution :
Sch. of Comput. & Commun. Eng., Univ. Malaysia Perlis, Kangar, Malaysia
Abstract :
Transmission Control Protocol (TCP) Synchronized (SYN) flooding has become a problem for network management in defending network servers against malicious attackers. Attackers can easily exploit the TCP three-way handshake, using spoofed Internet Protocol (IP) addresses to exhaust the server and make it unavailable. The main problem addressed in this paper is how to detect a TCP SYN flood in the network. The paper uses anomaly detection to detect TCP SYN flood attacks based on the payload and the unusable area in Hypertext Transfer Protocol (HTTP). The results show that the proposed detection method can detect a TCP SYN flood in the network through the payload.
Keywords :
computer network management; computer network security; hypermedia; network servers; synchronisation; transport protocols; Internet protocol; SYN flood detection; TCP; anomaly detection; hypertext transfer protocol; malicious attackers; network management; network server; payload analysis; three-way handshake; transmission control protocol; HTTP; TCP Header; TCP SYN Flood; payload; unuseable area;
Conference_Title :
Research and Development (SCOReD), 2010 IEEE Student Conference on
Conference_Location :
Putrajaya
Print_ISBN :
978-1-4244-8647-2
DOI :
10.1109/SCORED.2010.5703991