A Robust Scheme to Detect SYN Flooding Attacks

@article{Sun2007ARS,
  title={A Robust Scheme to Detect SYN Flooding Attacks},
  author={Changhua Sun and Jindou Fan and Bin Liu},
  journal={2007 Second International Conference on Communications and Networking in China},
  year={2007},
  pages={397-401}
}
We propose a more robust scheme to detect SYN flooding attacks. Existing methods for detecting SYN flooding are based on the protocol behavior of TCP SYN-FIN (RST) or SYN-ACK pairs, as normally the number of SYN packets is equal to that of FIN (added with RST) packets, or ACK packets in the handshake. When SYN flood starts, there will be more SYN packets. However, the attacker can avoid the detection by sending the FIN or RST packets (ACK packets) in conjunction with the SYN packets. To make… CONTINUE READING
Highly Cited
This paper has 23 citations. REVIEW CITATIONS

Similar Papers

Loading similar papers…