Analysis of a Denial of Service Attack on TCP

14 years 3 months ago

Download ftp.cerias.purdue.edu

This paper analyzes a network-baseddenial of service attack for IP (Internet Protocol) based networks. It is popularly called SYN ﬂooding. It works by an attacker sending many TCP (Transmission Control Protocol) connection requests with spoofed source addresses to a victim’s machine. Each request causes the targeted host to instantiate data structures out of a limited pool of resources. Once the target host’s resources are exhausted, no more incoming TCP connections can be established, thus denying further legitimate access. The paper contributes a detailed analysis of the SYN ﬂooding attack and a discussion of existing and proposed countermeasures. Furthermore, we introduce a new solution approach, explain its design, and evaluate its performance. Our approach offers protection against SYN ﬂooding for all hosts connected to the same local area network, independent of their operating system or networking stack implementation. It is highly portable, conﬁgurable, extensible,...

Christoph L. Schuba, Ivan Krsul, Markus G. Kuhn, E

Real-time Traffic

Incoming Tcp Connections | Security Privacy | SP 1997 | SYN ﬂooding Attack | Transmission Control Protocol |

claim paper

Post Info
More Details (n/a)

Added	06 Aug 2010
Updated	06 Aug 2010
Type	Conference
Year	1997
Where	SP
Authors	Christoph L. Schuba, Ivan Krsul, Markus G. Kuhn, Eugene H. Spafford, Aurobindo Sundaram, Diego Zamboni

Comments (0)

Sciweavers

Analysis of a Denial of Service Attack on TCP

Incoming Tcp Connections | Security Privacy | SP 1997 | SYN ﬂooding Attack | Transmission Control Protocol |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers