• DocumentCode
    494921
  • Title

    Source Detection of SYN Flooding Attacks

  • Author

    Bellaïche, Martine ; Grégoire, Jean-Charles

  • Author_Institution
    Ecole Polytech. de Montreal, Montreal, QC, Canada
  • fYear
    2009
  • fDate
    24-26 June 2009
  • Firstpage
    1
  • Lastpage
    6
  • Abstract
    We present an original approach to detect sources that participate in a SYN flooding attacks by monitoring unusual handshake sequences. To protect the victim, it is better to detect the attacker early and as closely to the source as possible. Such a solution prevents waste of resources by restricting harmful- and useless-traffic across the network. Our source detection system uses an entropy measure to detect changes in the balance of TCP handshakes. Experimental results show that our method can indeed detect the sources of SYN flooding attacks in timely fashion.
  • Keywords
    security of data; telecommunication traffic; transport protocols; SYN flooding attacks; TCP handshakes; entropy; network traffic; source detection; unusual handshake sequences monitoring; Computer crime; Data security; Entropy; Floods; Monitoring; Protection; Protocols; TCPIP; Web and internet services; Web server;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Network and Service Security, 2009. N2S '09. International Conference on
  • Conference_Location
    Paris
  • Print_ISBN
    978-2-9532-4431-1
  • Type

    conf

  • Filename
    5161678
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=494921