针对DDoS攻击的高效SYN欺骗检测与缓解方案

2017 Second International Conference on Recent Trends and Challenges in Computational Models (ICRTCCM) Pub Date : 2017-02-01 DOI:10.1109/ICRTCCM.2017.55

L. Kavisankar, C. Chellappan, S. Venkatesan, P. Sivasankar

{"title":"针对DDoS攻击的高效SYN欺骗检测与缓解方案","authors":"L. Kavisankar, C. Chellappan, S. Venkatesan, P. Sivasankar","doi":"10.1109/ICRTCCM.2017.55","DOIUrl":null,"url":null,"abstract":"Protection of critical server from cyber attacks is vital, especially in the case of active attacks like Distributed Denial of Service (DDoS). Seamless services are provided by the constant availability of the server which plays an important factor in providing the customer good Quality of Service (QoS). Monitoring and rate limiting the flow of packets will protect the victim systems by allowing only trusted users during the DDoS attack. The job of the security professionals becomes complex, when the attacks are launched from trusted IP addresses, using Synchronization (SYN) spoofing. The work presented in this paper is experimented with Efficient Spoofed Mitigation Scheme (ESMS) which uses the TCP probing method along with the bloom filter trust model. The proposed scheme provides accurate and robust information for the detection and controlling of the spoofed packets, during the DDoS attacks.","PeriodicalId":134897,"journal":{"name":"2017 Second International Conference on Recent Trends and Challenges in Computational Models (ICRTCCM)","volume":"25 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Efficient SYN Spoofing Detection and Mitigation Scheme for DDoS Attack\",\"authors\":\"L. Kavisankar, C. Chellappan, S. Venkatesan, P. Sivasankar\",\"doi\":\"10.1109/ICRTCCM.2017.55\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Protection of critical server from cyber attacks is vital, especially in the case of active attacks like Distributed Denial of Service (DDoS). Seamless services are provided by the constant availability of the server which plays an important factor in providing the customer good Quality of Service (QoS). Monitoring and rate limiting the flow of packets will protect the victim systems by allowing only trusted users during the DDoS attack. The job of the security professionals becomes complex, when the attacks are launched from trusted IP addresses, using Synchronization (SYN) spoofing. The work presented in this paper is experimented with Efficient Spoofed Mitigation Scheme (ESMS) which uses the TCP probing method along with the bloom filter trust model. The proposed scheme provides accurate and robust information for the detection and controlling of the spoofed packets, during the DDoS attacks.\",\"PeriodicalId\":134897,\"journal\":{\"name\":\"2017 Second International Conference on Recent Trends and Challenges in Computational Models (ICRTCCM)\",\"volume\":\"25 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-02-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 Second International Conference on Recent Trends and Challenges in Computational Models (ICRTCCM)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICRTCCM.2017.55\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 Second International Conference on Recent Trends and Challenges in Computational Models (ICRTCCM)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICRTCCM.2017.55","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

摘要

保护关键服务器免受网络攻击至关重要，特别是在分布式拒绝服务(DDoS)等主动攻击的情况下。无缝服务是由服务器的持续可用性提供的，这在为客户提供良好的服务质量(QoS)方面起着重要的作用。在DDoS攻击期间，监控和限速数据包流将通过只允许受信任的用户来保护受害系统。当攻击使用同步(SYN)欺骗从受信任的IP地址发起时，安全专业人员的工作变得复杂。本文提出的工作在高效欺骗缓解方案(ESMS)中进行了实验，该方案使用TCP探测方法和布隆过滤器信任模型。该方案为DDoS攻击过程中欺骗报文的检测和控制提供了准确、可靠的信息。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Efficient SYN Spoofing Detection and Mitigation Scheme for DDoS Attack

Protection of critical server from cyber attacks is vital, especially in the case of active attacks like Distributed Denial of Service (DDoS). Seamless services are provided by the constant availability of the server which plays an important factor in providing the customer good Quality of Service (QoS). Monitoring and rate limiting the flow of packets will protect the victim systems by allowing only trusted users during the DDoS attack. The job of the security professionals becomes complex, when the attacks are launched from trusted IP addresses, using Synchronization (SYN) spoofing. The work presented in this paper is experimented with Efficient Spoofed Mitigation Scheme (ESMS) which uses the TCP probing method along with the bloom filter trust model. The proposed scheme provides accurate and robust information for the detection and controlling of the spoofed packets, during the DDoS attacks.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2017 Second International Conference on Recent Trends and Challenges in Computational Models (ICRTCCM)

自引率

0.00%

发文量