{"title":"基于网络处理器的SYN泛洪攻击检测改进算法","authors":"Yuli Fu, Yune Lai","doi":"10.1109/ICASID.2010.5551843","DOIUrl":null,"url":null,"abstract":"This paper presents an improved algorithm for detecting the SYN flooding attacks. The algorithm is based on the characteristics of the network processor IXP2850's hardware and software framework. It improves the typical method that is based on checking the received SYN segments twice from the same source. The improved algorithm will label the segments first, and then verify them to determine whether an attack happens. By this algorithm, the false alarm rate will decrease and the valid defense measures will be done at the right moment.","PeriodicalId":391931,"journal":{"name":"2010 International Conference on Anti-Counterfeiting, Security and Identification","volume":"31 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-07-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"An improved algorithm for detecting SYN flooding attacks based on network processor\",\"authors\":\"Yuli Fu, Yune Lai\",\"doi\":\"10.1109/ICASID.2010.5551843\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper presents an improved algorithm for detecting the SYN flooding attacks. The algorithm is based on the characteristics of the network processor IXP2850's hardware and software framework. It improves the typical method that is based on checking the received SYN segments twice from the same source. The improved algorithm will label the segments first, and then verify them to determine whether an attack happens. By this algorithm, the false alarm rate will decrease and the valid defense measures will be done at the right moment.\",\"PeriodicalId\":391931,\"journal\":{\"name\":\"2010 International Conference on Anti-Counterfeiting, Security and Identification\",\"volume\":\"31 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-07-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2010 International Conference on Anti-Counterfeiting, Security and Identification\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICASID.2010.5551843\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 International Conference on Anti-Counterfeiting, Security and Identification","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICASID.2010.5551843","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An improved algorithm for detecting SYN flooding attacks based on network processor
This paper presents an improved algorithm for detecting the SYN flooding attacks. The algorithm is based on the characteristics of the network processor IXP2850's hardware and software framework. It improves the typical method that is based on checking the received SYN segments twice from the same source. The improved algorithm will label the segments first, and then verify them to determine whether an attack happens. By this algorithm, the false alarm rate will decrease and the valid defense measures will be done at the right moment.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
