Defending against TCP SYN flooding attacks under different types of IP spoofing

Proceedings of the International Conference on Networking, International Conference on Systems and International Conference on Mobile Communications and Learning Technologies,ICN/ICONS/MCL'06

Volumn 2006, Issue , 2006, Pages

  Chen, Wei ^a,b   Yeung, Dit Yan ^a  

^a HONG KONG UNIVERSITY OF SCIENCE AND TECHNOLOGY   (Hong Kong)

^b WUHAN UNIVERSITY   (China)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER SIMULATION; DATA STRUCTURES; DISTRIBUTED COMPUTER SYSTEMS; INTERNET; SECURITY OF DATA;

DENIAL OF SERVICE (DDOS); FLOODING ATTACKS; RANDOM SPOOFING;

NETWORK PROTOCOLS;

EID: 33750958535     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ICNICONSMCL.2006.72     Document Type: Conference Paper

References (13)

1. Network simulator NS2.
2. S. Abdelsayed, D. Glimsholt, C. Leckie, S. Ryan, and S. Shami. An efficient filter for denial-of-service bandwidth attacks. In IEEE Global Telecommunications Conference(GLOBECOM'03), volume 3, pages 1353-1357, Dec 2003.
3. B. H. Bloom. Space/time trade-offs in hash coding with allowable errors. Communications of the ACM, 13(7):422-426, July 1970.
4. B. Brodsky. Nonpammetric Methods in Change-Point Problems. Kluwer Academic Publishers, The Netherlands, 1993.
5. E. Chan, H. Chan, K. Chan, V. Chan, S. Chanson, and etc. IDR: an intrusion detection router for defending against distributed denial-of-service(DDoS) attacks. In Proceedings of the 7th International Symposium on Parallel Architectures, Algorithms and Networks 2004(ISPAN'04)., pages 581-586, 2004.
6. R. Lippmann, D. Fried, I. Graf, J. Haines, K. Kendall, D. McClung, D. Weber, S. Webster, D. W. andR. Cunninghan, and M. Zissman. Evaluating intrusion detection systems: The 1998 DARPA off-line intrusion detection evaluation. In the 2000 DARPA Information Survivability Conference and Exposition, January 2000.
7. X. Luo and R. K. C. Chang. On a new class of pulsing denial-of-service attacks and the defense. In Network and Distributed System Security Symposium 2005(NDSS2005),San Diego, California, February 2005.
8. J. Mirkovic and P. Reiher. A taxonomy of DDoS attack and DDoS defense mechanisms. ACM SIGCOMM Computer Communications Review, 34(2):39-54, April 2004.
9. J. Postel. Transmission Control Protocol : DARPA internet program protocol specification,RFC 793, September 1981.
10. C. L. Schuba, I. V. Krsul, M. G. Kuhn, E. H. Spafford, A. Sundaram, and D. Zamboni. Analysis of a denial of service attack on TCP. In Proceedings of the 1997 IEEE Symposium on Security and Privacy, pages 208-223. IEEE Computer Society, May 1997.
11. A. C. Snoeren. Hash-based IP traceback. In Proceedings of the ACM SIGCOMM Conference, pages 3-14. ACM Press, August 2001.
12. H. Wang, D. Zhang, and K. G. Shin. Detecting SYN flooding attacks. In Proceedings of Annual Joint Conference of the IEEE Computer and Communications Societies(INFOCOM), volume 3, pages 1530-1539, June 23-27 2002.
13. H. Wang, D. Zhang, and K. G. Shin. Change-point monitoring for the detection of dos attack. IEEE Transactions on Dependable and Secure Computing, 1(4):193-208, October-December 2004.