Syn Flood Attack Detection and Type Distinguishing Mechanism Based on Counting Bloom Filter - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Communication Dans Un Congrès Année : 2015

Syn Flood Attack Detection and Type Distinguishing Mechanism Based on Counting Bloom Filter

Résumé

Presented work focuses onto proposal, implementation and evaluation of the new method for detection and type identification of SYN flood (DoS) attacks. The method allows distinguishing type of detected SYN flood attacks – random, subnet or fixed. Based on Counting Bloom filter, the attack detection and identification algorithm is proposed, implemented and evaluated in KaTaLyzer network traffic monitoring tool. Proof of correctness of the approach for TCP SYN flood attack detection and type identification is provided – both in practical and theoretical manners. In practice, new module for KaTaLyzer is implemented and TCP attacks are detected, identified and network administrator is notified about them in real-time.
Fichier principal
Vignette du fichier
978-3-319-24315-3_4_Chapter.pdf (547.55 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-01466237 , version 1 (13-02-2017)

Licence

Paternité

Identifiants

Citer

Tomáš Halagan, Tomáš Kováčik, Peter Trúchly, Andrej Binder. Syn Flood Attack Detection and Type Distinguishing Mechanism Based on Counting Bloom Filter. 3rd International Conference on Information and Communication Technology-EurAsia (ICT-EURASIA) and 9th International Conference on Research and Practical Issues of Enterprise Information Systems (CONFENIS), Oct 2015, Daejon, South Korea. pp.30-39, ⟨10.1007/978-3-319-24315-3_4⟩. ⟨hal-01466237⟩
290 Consultations
266 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More