Comparison of operating system implementations of SYN flood defenses (Cookies)

In this paper, we report on our comparison of operating system implementations of the most common defense against SYN flood attacks, namely SYN cookies. We show, through experimentation, the differences in performance among these implementations. We also analyze that performance and propose a modification to the Linux implementation that should alleviate an implementation bottleneck. We implemented the modification and report the results at the end of this paper.
