{"title":"云环境下防止SYN Flood DoS攻击的方法","authors":"Raluca Oncioiu, E. Simion","doi":"10.1109/ICCOMM.2018.8484802","DOIUrl":null,"url":null,"abstract":"Denial-of-service (DOS) attacks are the most frequent attacks in Cloud. Usually this type of attack consists in sending a large number of requests that will overwhelm the functioning of Cloud. DOS attack implies IP spoofing because each request needs to be different. So the server will consume its resources and it will not be able to reply to a legitimate connection request. SYN floods are the second most common type of DOS attack for Cloud in the last 3 years. SYN floods exploit the flaws in TCP three-way handshake procedures. The attacker sends multiple SYN requests from a spoofed IP address. The server will allocate all the resources needed without receiving any ACK from the attacker. We propose an approach of solving this type of attack for Big Data in Cloud while respecting the Service Level Agreement (SLA) and show that the improvement is considerable.","PeriodicalId":158890,"journal":{"name":"2018 International Conference on Communications (COMM)","volume":"17 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Approach to Prevent SYN Flood DoS Attacks in Cloud\",\"authors\":\"Raluca Oncioiu, E. Simion\",\"doi\":\"10.1109/ICCOMM.2018.8484802\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Denial-of-service (DOS) attacks are the most frequent attacks in Cloud. Usually this type of attack consists in sending a large number of requests that will overwhelm the functioning of Cloud. DOS attack implies IP spoofing because each request needs to be different. So the server will consume its resources and it will not be able to reply to a legitimate connection request. SYN floods are the second most common type of DOS attack for Cloud in the last 3 years. SYN floods exploit the flaws in TCP three-way handshake procedures. The attacker sends multiple SYN requests from a spoofed IP address. The server will allocate all the resources needed without receiving any ACK from the attacker. We propose an approach of solving this type of attack for Big Data in Cloud while respecting the Service Level Agreement (SLA) and show that the improvement is considerable.\",\"PeriodicalId\":158890,\"journal\":{\"name\":\"2018 International Conference on Communications (COMM)\",\"volume\":\"17 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 International Conference on Communications (COMM)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCOMM.2018.8484802\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 International Conference on Communications (COMM)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCOMM.2018.8484802","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Approach to Prevent SYN Flood DoS Attacks in Cloud
Denial-of-service (DOS) attacks are the most frequent attacks in Cloud. Usually this type of attack consists in sending a large number of requests that will overwhelm the functioning of Cloud. DOS attack implies IP spoofing because each request needs to be different. So the server will consume its resources and it will not be able to reply to a legitimate connection request. SYN floods are the second most common type of DOS attack for Cloud in the last 3 years. SYN floods exploit the flaws in TCP three-way handshake procedures. The attacker sends multiple SYN requests from a spoofed IP address. The server will allocate all the resources needed without receiving any ACK from the attacker. We propose an approach of solving this type of attack for Big Data in Cloud while respecting the Service Level Agreement (SLA) and show that the improvement is considerable.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
