ABSTRACT
A "denial-of-service" (DoS) attack is characterized by an explicit attempt by attackers to prevent legitimate users of a service from using that service. The SYN flood attack is one of the most common types of DoS. In this lab, we model and simulate a real-world network, and we launch a SYN attack against our web server. Through this, we study the nature of the attack and investigate the effectiveness of several approaches in defending against it. This lab allows students to anatomize SYN flooding attack and defense in the lab environment and to obtain data and parameters of DoS resilience capability.
Index Terms
- A lab implementation of SYN flood attack and defense