Preventing session table explosion in packet inspection computers

  title={Preventing session table explosion in packet inspection computers},
  author={H. Kim and J. Kim and I. Kang and S. Bahk},
  journal={IEEE Transactions on Computers},
  • H. Kim, J. Kim, +1 author S. Bahk
  • Published 2005
  • Computer Science
  • IEEE Transactions on Computers
  • We first show that various network attacks can cause fatal inflation of dynamic memory usage on packet processing computers. Considering Transmission control protocol (TCP) is utilized by most of these attacks as well as legitimate traffic, we propose a parsimonious memory management guideline based on the design of the TCP and the analysis of real-life Internet traces. In particular, we demonstrate that, for all practical purposes, one should not allocate memory for an embryonic TCP connection… CONTINUE READING

    Figures, Tables, and Topics from this paper.

    Robust dynamic network traffic partitioning against malicious attacks
    • 5
    • PDF
    Clock-like Flow Replacement Schemes for Resilient Flow Monitoring
    • 4
    • PDF
    H/W based Stateful Packet Inspection using a Novel Session Architecture
    • 6
    • PDF


    Publications referenced by this paper.
    Architecture for a hardware-based, TCP/IP content-processing system
    • 66
    • PDF
    Computing TCP's Retransmission Timer
    • 703
    • PDF
    Monitoring very high speed links
    • 125
    • PDF
    What packets may come: automata for network monitoring
    • 38
    • PDF
    A framework for flow-based accounting on the Internet
    • 20
    • PDF
    Events of 21-oct-2002
    • 21
    • Highly Influential
    Dealing with High Speed Links and Other Measurement Challenges
    • 2001
    Dynamic Memory Management for Packet Inspection Computers
      Fast scalable algorithms for level four switching
      • 21