Defense Against TCP Flooding Attack
Seungyong Yoon, Ikkyun Kim, Jintae Oh, Jongsoo Jang
2012
Abstract
This paper generally relates to a DDoS attack prevention method, more particularly, to a Transmission Control Protocol (TCP) flooding attack prevention method which defines several session states based on the type and direction of a packet, tracks the session state for each flow, and detects and responds to a flooding attack. An anti-DDoS system with a capacity of 20Gbps throughput, we call ‘ALADDIN’ system, was implemented in FPGA based reconfigurable hardware. The possibility of high-speed hardware implementation was shown in this paper. The system was tested using existing DDoS attack tools in 8Gbps of background traffic. According to the test results, TCP flooding attacks could be defended through our proposed method rapidly and accurately.
DownloadPaper Citation
in Harvard Style
Yoon S., Oh J., Kim I. and Jang J. (2012). Defense Against TCP Flooding Attack . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012) ISBN 978-989-8565-24-2, pages 416-420. DOI: 10.5220/0004119604160420
in Bibtex Style
@conference{secrypt12,
author={Seungyong Yoon and Jintae Oh and Ikkyun Kim and Jongsoo Jang},
title={Defense Against TCP Flooding Attack},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012)},
year={2012},
pages={416-420},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004119604160420},
isbn={978-989-8565-24-2},
}
in EndNote Style
TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012)
TI - Defense Against TCP Flooding Attack
SN - 978-989-8565-24-2
AU - Yoon S.
AU - Oh J.
AU - Kim I.
AU - Jang J.
PY - 2012
SP - 416
EP - 420
DO - 10.5220/0004119604160420