1. Home
  2. Archives
  3. Vol 4 No 3 (2014)
  4. Articles

MODIFICATION OF TCP SYN FLOOD (DOS) ATTACK DETECTION ALGORITHM

Tomáš Halagan
Tomáš Kováčik


Abstract

This work focuses onto proposal and implementation of modification of SYN flood (DoS) attack detection algorithm. Based on Counting Bloom filter, the attack detection algorithm is proposed and implemented into KaTaLyzer network traffic monitoring tool. TCP attacks can be detected and network administrator can be notified in real-time about ongoing attack by using different notification methods.


Keywords

DoS; TCP; SYN; flood attack; network security; notification messages; detection module

Chen Y. Y. W.: Throttling spoofed SYN flooding traffic at the source. Telecommunication Systems, vol. 33, no. 3, 2006, pp. 47-65.

Fan L. et al.: Sumary cache: A scalable wide-area web cache sharing protocol. IEEE/ACM Transactions on Networking, vol. 8, no. 3, 2000, p. 281-293.

[CA-96.21] CERT. CERT Advisory CA-1996-21 TCP SYN Flooding and IP Spoofing Attacks: http://www.cert.org/advisories/CA-1996-21.html

Network monitoring tool Catalyzer: http://www.katalyzer.sk

Download


Published : 2014-09-26


Halagan, T., & Kováčik, T. (2014). MODIFICATION OF TCP SYN FLOOD (DOS) ATTACK DETECTION ALGORITHM. Informatyka, Automatyka, Pomiary W Gospodarce I Ochronie Środowiska, 4(3), 75-76. https://doi.org/10.5604/20830157.1121390

Tomáš Halagan  tomas.halagan@stuba.sk
Slovak University of Technology in Bratislava  Slovakia
Tomáš Kováčik 
Slovak University of Technology in Bratislava  Slovakia






Facebook Lublin University of Technology

Lublin University of Technology Publishing House

ul. Nadbystrzycka 36C/309D,
20-618 Lublin
tel. +48 81 538-46-59
email ph@pollub.pl

Copyright

Copyright 2019 by Lublin University of Technology
OJS Support and Customization by LIBCOM
Platform & workfow by OJS/PKP
Regulamin Platformy LUT PH
Regulations of the LUT PH e-Platform