• DocumentCode
    3218698
  • Title

    Annulling SYN Flooding Attacks with Whitelist

  • Author

    Kim, Tae-Hyung ; Choi, Young-Sik ; Kim, Jong ; Hong, Sung Je

  • Author_Institution
    Pohang Univ. of Sci. & Technol., Pohang
  • fYear
    2008
  • fDate
    25-28 March 2008
  • Firstpage
    371
  • Lastpage
    376
  • Abstract
    SYN flooding is one of classical denial of service (DoS) attacks abusing the TCP 3-way handshake process. This attack causes a server not to accept additional connection requests by filling the server´s backlog queue with malicious connection requests (SYNpackets). Although several methods have been proposed to solve the SYN Flooding attack, they cannot guarantee reliable connection establishments to clients under extremely aggressive SYN flooding attacks. In this paper, we propose a WhiteList-based defense scheme that increases connection success ratio of legitimate connection requests under SYN flooding attacks. We implemented this scheme as a Linux kernel module. Experimental results show that the proposed method ensures high connection success ratio for legitimate clients and effectively annuls bogus SYN flooding.
  • Keywords
    telecommunication security; transport protocols; Linux kernel module; SYN flooding attacks; TCP 3-way handshake process; denial of service attacks; Application software; Computer crime; Filling; Floods; Information technology; Kernel; Linux; Network servers; TCPIP; Web server;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Advanced Information Networking and Applications - Workshops, 2008. AINAW 2008. 22nd International Conference on
  • Conference_Location
    Okinawa
  • Print_ISBN
    978-0-7695-3096-3
  • Type

    conf

  • DOI
    10.1109/WAINA.2008.218
  • Filename
    4482942
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3218698