Detecting SYN flooding attacks near innocent side

Authors:
Yanxiang He;Wei Chen;Bin Xiao
Affiliations:
Computer School, The State Key Lab of Software Engineering, Wuhan University, Wuhan, Hubei, China;Computer School, The State Key Lab of Software Engineering, Wuhan University, Wuhan, Hubei, China;Department of Computing, The Hong Kong Polytechnic University, Hung Hom, Kowloon, Hong Kong
Venue:
MSN'05 Proceedings of the First international conference on Mobile Ad-hoc and Sensor Networks
Year:
2005

Citing 6
Cited 1

Space/time trade-offs in hash coding with allowable errors

Communications of the ACM
Hash-based IP traceback

Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Analysis of a Denial of Service Attack on TCP

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Building a better NetFlow

Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Inferring internet denial-of-service activity

SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Defending against flooding-based distributed denial-of-service attacks: a tutorial

IEEE Communications Magazine

Distinguishing between FE and DDoS Using Randomness Check

ISC '08 Proceedings of the 11th international conference on Information Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Distributed Denial-of-Service (DDoS) attacks seriously threat the servers in the Internet. Most of current research is focused on the detection and prevention methods at the victim side or the source side. However, defense at the innocent side, whose IP is used as the spoofed IP by the attacker, is always ignored. In this paper, a novel method at the innocent side has been proposed. Our detection scheme gives accurate detection results using little storage and computation resource. From the result of experiments, the approach presented in this paper yields accurate DDoS.