论文信息 - NEMESI:Using a TCP Finite State Machine against TCP SYN Flooding Attacks

NEMESI:Using a TCP Finite State Machine against TCP SYN Flooding Attacks

Over the last few years the Internet has seen a continuous rise of malicious traffic. These include the Denial of Service (DoS) attacks, viruses, Trojans, spam mails and worm attacks. In this paper we focus on experiments with TCP SYN flooding attacks. We introduce a new approach to prevent such attacks based on passive monitoring of the frequency of TCP SYN packets and peak intervals, with respect to other packets, in combination with a dynamically adapted connection drop

Alan Miller | Ishbel Duncan | A. Gemona

[1] George Kesidis,et al. Denial-of-service attack-detection techniques , 2006, IEEE Internet Computing.

[2] Sven Dietrich,et al. Analyzing Distributed Denial of Service Tools: The Shaft Case , 2000, LISA.

[3] Stefan Savage,et al. Inferring Internet denial-of-service activity , 2001, TOCS.

[4] Martin Roesch,et al. Snort - Lightweight Intrusion Detection for Networks , 1999 .

[5] Mark Handley,et al. Using Routing and Tunneling to Combat DoS Attacks , 2005, SRUTI.

[6] Mario Gerla,et al. D-ward: source-end defense against distributed denial-of-service attacks , 2003 .