TCP/IP illustrated (vol. 1): the protocols
TCP/IP illustrated (vol. 1): the protocols
Fast and scalable layer four switching
Proceedings of the ACM SIGCOMM '98 conference on Applications, technologies, architectures, and protocols for computer communication
What packets may come: automata for network monitoring
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Monitoring very high speed links
IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
Session management architecture for implementing an FPGA-based stateful intrusion detection system
ACS'08 Proceedings of the 8th conference on Applied computer scince
| Hi-index | 14.98 |
In this paper, we first show that various network attacks can cause fatal inflation of dynamic memory usage on packet processing computers. Considering Transmission Control Protocol (TCP) is utilized by most of these attacks as well as legitimate traffic, we propose a parsimonious memory management guideline based on the design of the TCP and the analysis of real-life Internet traces. In particular, we demonstrate that, for all practical purposes, one should not allocate memory for an embryonic TCP connection with roughly more than 10 seconds of inactivity.