Preventing session table explosion in packet inspection computers

@article{Kim2005PreventingST,
  title={Preventing session table explosion in packet inspection computers},
  author={Hyogon Kim and Jinho Kim and Inhye Kang and Saewoong Bahk},
  journal={IEEE Transactions on Computers},
  year={2005},
  volume={54},
  pages={238-240}
}
We first show that various network attacks can cause fatal inflation of dynamic memory usage on packet processing computers. Considering Transmission control protocol (TCP) is utilized by most of these attacks as well as legitimate traffic, we propose a parsimonious memory management guideline based on the design of the TCP and the analysis of real-life Internet traces. In particular, we demonstrate that, for all practical purposes, one should not allocate memory for an embryonic TCP connection… CONTINUE READING
Highly Cited
This paper has 26 citations. REVIEW CITATIONS

From This Paper

Figures, tables, and topics from this paper.

Citations

Publications citing this paper.
Showing 1-10 of 17 extracted citations

Clock-like Flow Replacement Schemes for Resilient Flow Monitoring

2009 29th IEEE International Conference on Distributed Computing Systems • 2009
View 4 Excerpts
Highly Influenced

An Integrated Session Table for Security and QoS

2011 Conference on Network and Information Systems Security • 2011
View 1 Excerpt

QoS-aware firewall session table

2011 6th International Conference on Risks and Security of Internet and Systems (CRiSIS) • 2011
View 1 Excerpt

References

Publications referenced by this paper.
Showing 1-10 of 12 references

Maximizing Firewall Availabilty

S. Gill
http://www.qorbit.net/ documents/maximizing-firewall-availability.htm, June 2002. • 2002
View 3 Excerpts
Highly Influenced

Dynamic Memory Management for Packet Inspection Computers

H. Kim
techreport, http://net. korea.ac.kr/lifetime.html, 2004. • 2004
View 3 Excerpts

NLANR Network Traffic Packet Header Traces

NLANR
http://pma. nlanr.net/Traces/, 2004. • 2004
View 1 Excerpt

The Spread of Sapphire Worm

D. Moore
techreport, http:// www.caida.org/outreach/papers/2003/sapphire/sapphire.html, Feb. 2003. • 2003
View 2 Excerpts

Dealing with High Speed Links and Other Measurement Challenges

G. Iannaconne, C. Diot, I. Graham, N. McKeown
Proc. ACM SIGCOMM Internet Measurement Workshop, 2001. • 2001
View 1 Excerpt

Similar Papers

Loading similar papers…