Sciweavers

SP
1997
IEEE

Analysis of a Denial of Service Attack on TCP

13 years 7 months ago
Analysis of a Denial of Service Attack on TCP
This paper analyzes a network-baseddenial of service attack for IP (Internet Protocol) based networks. It is popularly called SYN flooding. It works by an attacker sending many TCP (Transmission Control Protocol) connection requests with spoofed source addresses to a victim’s machine. Each request causes the targeted host to instantiate data structures out of a limited pool of resources. Once the target host’s resources are exhausted, no more incoming TCP connections can be established, thus denying further legitimate access. The paper contributes a detailed analysis of the SYN flooding attack and a discussion of existing and proposed countermeasures. Furthermore, we introduce a new solution approach, explain its design, and evaluate its performance. Our approach offers protection against SYN flooding for all hosts connected to the same local area network, independent of their operating system or networking stack implementation. It is highly portable, configurable, extensible,...
Christoph L. Schuba, Ivan Krsul, Markus G. Kuhn, E
Added 06 Aug 2010
Updated 06 Aug 2010
Type Conference
Year 1997
Where SP
Authors Christoph L. Schuba, Ivan Krsul, Markus G. Kuhn, Eugene H. Spafford, Aurobindo Sundaram, Diego Zamboni
Comments (0)