A Robust Scheme to Detect SYN Flooding Attacks

  title={A Robust Scheme to Detect SYN Flooding Attacks},
  author={Changhua Sun and Jindou Fan and Bin Liu},
  journal={2007 Second International Conference on Communications and Networking in China},
  • Changhua Sun, Jindou Fan, Bin Liu
  • Published 2007
  • Computer Science
  • 2007 Second International Conference on Communications and Networking in China
  • We propose a more robust scheme to detect SYN flooding attacks. Existing methods for detecting SYN flooding are based on the protocol behavior of TCP SYN-FIN (RST) or SYN-ACK pairs, as normally the number of SYN packets is equal to that of FIN (added with RST) packets, or ACK packets in the handshake. When SYN flood starts, there will be more SYN packets. However, the attacker can avoid the detection by sending the FIN or RST packets (ACK packets) in conjunction with the SYN packets. To make… CONTINUE READING
    21 Citations
    More Accurate and Fast SYN Flood Detection
    • 12
    Traceback-Based Bloomfilter IPS in Defending SYN Flooding Attack
    • 11
    • Highly Influenced
    A More Accurate Scheme to Detect SYN Flood Attacks
    • 10
    • PDF
    SACK2: effective SYN flood detection against skillful spoofs
    • 8
    Analysing the influence of the DCBF data structure on the DoS attack detection
    • Ivica Dodig, Davor Cafuta, V. Sruk
    • Computer Science
    • 2017 International Conference on Infocom Technologies and Unmanned Systems (Trends and Future Directions) (ICTUS)
    • 2017
    Wireless Intrusion Detection for defending against TCP SYN flooding attack and man-in-the-middle attack
    • 10
    ARM-CPD: Detecting SYN flooding attack by traffic prediction
    • 6
    Distributed Denial of Service (DDoS) Attacks Detection Mechanism
    • 13
    • PDF


    Detecting SYN flooding attacks
    • H. Wang, D. Zhang, K. Shin
    • Computer Science
    • Proceedings.Twenty-First Annual Joint Conference of the IEEE Computer and Communications Societies
    • 2002
    • 662
    • PDF
    Defending Against TCP SYN Flooding Attacks Under Different Types of IP Spoofing
    • Wei Chen, D. Yeung
    • Computer Science
    • International Conference on Networking, International Conference on Systems and International Conference on Mobile Communications and Learning Technologies (ICNICONSMCL'06)
    • 2006
    • 84
    • PDF
    Resisting SYN Flood DoS Attacks with a SYN Cache
    • J. Lemon
    • Computer Science, Engineering
    • BSDCon
    • 2002
    • 220
    • PDF
    TCP SYN Flooding Attacks and Common Mitigations
    • W. Eddy
    • Geography, Computer Science
    • RFC
    • 2007
    • 280
    • PDF
    Summary cache: a scalable wide-area web cache sharing protocol
    • 2,109
    • PDF
    Network Applications of Bloom Filters: A Survey
    • 2,071
    • PDF
    Space/time trade-offs in hash coding with allowable errors
    • 6,718
    • PDF
    Efficient Hardware Hashing Functions for High Performance Computers
    • 191
    • PDF
    Nonparametric Methods in Change Point Problems
    • 608