Title :
Packet analysis using packet filtering and traffic monitoring techniques
Author :
Haris, H. S C ; Ahmad, R.B. ; Ghani, M.A.H.A. ; Waleed, Ghossoon M.
Author_Institution :
Sch. of Comput. & Commun. Eng., Univ. Malaysia Perlis, Kangar, Malaysia
Abstract :
Malicious attackers intended to annihilate the availability of network server with threats such as Transmission Control Protocol (TCP) Synchronized (SYN) Flood. The attackers usually make the server exhausted and unavailable in order to complete the TCP three-way handshake mechanism. Detecting TCP SYN Flood in the Hypertext Transfer Protocol (HTTP) is the main problem in this paper. Anomaly detection is used to detect TCP SYN flood attack focusing in payload and unusable area. The unusual three-way handshake mechanism is also being analyzed. The results show that the proposed detection method using the combination of packet filtering and traffic monitoring can detect TCP SYN Flood in the network.
Keywords :
computer network security; network servers; telecommunication traffic; transport protocols; TCP three-way handshake mechanism; hypertext transfer protocol; malicious attackers; network server; packet analysis; packet filtering; traffic monitoring techniques; transmission control protocol synchronized flood attack; Filtering; Floods; IP networks; Monitoring; Payloads; Protocols; Servers; HTTP; IP; Packet Filtering; TCP SYN Flood; Traffic Monitoring;
Conference_Titel :
Computer Applications and Industrial Electronics (ICCAIE), 2010 International Conference on
Conference_Location :
Kuala Lumpur
Print_ISBN :
978-1-4244-9054-7
DOI :
10.1109/ICCAIE.2010.5735088
