• DocumentCode
    3086319
  • Title

    Detecting TCP SYN Flood Attack Based on Anomaly Detection

  • Author

    Haris, S.H.C. ; Ahmad, R.B. ; Ghani, M.A.H.A.

  • Author_Institution
    Sch. of Comput. & Commun. Eng., Univ. Malaysia Perlis, Kangar, Malaysia
  • fYear
    2010
  • fDate
    22-23 Sept. 2010
  • Firstpage
    240
  • Lastpage
    244
  • Abstract
    Transmission Control Protocol (TCP) Synchronized (SYN) Flood has become a problem to the network management to defend the network server from being attacked by the malicious attackers. The malicious attackers can easily exploit the TCP three-way handshake by making the server exhausted and unavailable. The main problem in this paper is how to detect TCP SYN flood through network. This paper used anomaly detection to detect TCP SYN flood attack based on payload and unusable area. The results show that the proposed detection method can detect TCP SYN Flood in the network through the payload.
  • Keywords
    computer network management; computer network security; invasive software; network servers; transport protocols; SYN flood attack; TCP; anomaly detection; malicious attackers; network management; network server; synchronized flood; three-way handshake; transmission control protocol; Filtering; Floods; IP networks; Monitoring; Payloads; Protocols; Servers; Anomaly Detection; IP Header; Payload; TCP Header; TCP SYN Flood;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Network Applications Protocols and Services (NETAPPS), 2010 Second International Conference on
  • Conference_Location
    Kedah
  • Print_ISBN
    978-1-4244-8048-7
  • Electronic_ISBN
    978-0-7695-4177-8
  • Type

    conf

  • DOI
    10.1109/NETAPPS.2010.50
  • Filename
    5635797
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3086319