Title :
Annulling SYN Flooding Attacks with Whitelist
Author :
Kim, Tae-Hyung ; Choi, Young-Sik ; Kim, Jong ; Hong, Sung Je
Author_Institution :
Pohang Univ. of Sci. & Technol., Pohang
Abstract :
SYN flooding is one of classical denial of service (DoS) attacks abusing the TCP 3-way handshake process. This attack causes a server not to accept additional connection requests by filling the server´s backlog queue with malicious connection requests (SYNpackets). Although several methods have been proposed to solve the SYN Flooding attack, they cannot guarantee reliable connection establishments to clients under extremely aggressive SYN flooding attacks. In this paper, we propose a WhiteList-based defense scheme that increases connection success ratio of legitimate connection requests under SYN flooding attacks. We implemented this scheme as a Linux kernel module. Experimental results show that the proposed method ensures high connection success ratio for legitimate clients and effectively annuls bogus SYN flooding.
Keywords :
telecommunication security; transport protocols; Linux kernel module; SYN flooding attacks; TCP 3-way handshake process; denial of service attacks; Application software; Computer crime; Filling; Floods; Information technology; Kernel; Linux; Network servers; TCPIP; Web server;
Conference_Titel :
Advanced Information Networking and Applications - Workshops, 2008. AINAW 2008. 22nd International Conference on
Conference_Location :
Okinawa
Print_ISBN :
978-0-7695-3096-3
DOI :
10.1109/WAINA.2008.218
