Presentation | 2015-12-18 A method of defending against SYN flood by limiting SYN packet using token bucket model Ikebuchi Ryoma, Kobayashi Takashi, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | A SYN flood is a kind of Denial-of-service (DoS) attack which abuses TCP server's behavior. SYN cookies have been used for protecting TCP servers from SYN flood. In this article, I overview how a SYN flood achieves and tactic of SYN cookies, and then I confirm the condition of achievement of SYN flood on Linux. Finally, I suggest a system that can defend a Linux server against SYN flood using token bucket filtering instead of SYN cookies. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | TCP / DoS attack / SYN flood / SYN cookies / token bucket model |
Paper # | IN2015-94 |
Date of Issue | 2015-12-10 (IN) |
Conference Information | |
Committee | IN / IA |
---|---|
Conference Date | 2015/12/17(2days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | Hiroshima City University |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | Performance Analysis and Simulation, Robustness, Traffic and Throughput Measurement, Quality of Service (QoS) Control, Congestion Control, Overlay Network/P2P, IPv6, Multicast, Routing, DDoS, etc. |
Chair | Hidetsugu Kobayashi(NTT) / Ken-ichi Yoshida(Univ. of Tsukuba) |
Vice Chair | Katsunori Yamaoka(Tokyo Inst. of Tech.) / Hiroyuki Osaki(Kwansei Gakuin Univ.) / Masahiro Jibiki(NICT) / Yutaka Nakamura(Kyushu Inst. of Tech.) |
Secretary | Katsunori Yamaoka(NTT) / Hiroyuki Osaki(KDDI) / Masahiro Jibiki(Tokyo Inst. of Tech.) / Yutaka Nakamura(Osaka Univ.) |
Assistant | Yuichi Sudo(NTT) / Kunitake Kaneko(Keio Univ.) / Yuichiro Hei(KDDI R&D Labs.) / Hiroshi Yamamoto(Ritsumeikan Univ.) / Toshiki Watanabe(NEC) |
Paper Information | |
Registration To | Technical Committee on Information Networks / Technical Committee on Internet Architecture |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | A method of defending against SYN flood by limiting SYN packet using token bucket model |
Sub Title (in English) | |
Keyword(1) | TCP |
Keyword(2) | DoS attack |
Keyword(3) | SYN flood |
Keyword(4) | SYN cookies |
Keyword(5) | token bucket model |
1st Author's Name | Ikebuchi Ryoma |
1st Author's Affiliation | Kansai University Graduate School(Kansai Univ.) |
2nd Author's Name | Kobayashi Takashi |
2nd Author's Affiliation | Kansai University(Kansai Univ.) |
Date | 2015-12-18 |
Paper # | IN2015-94 |
Volume (vol) | vol.115 |
Number (no) | IN-370 |
Page | pp.pp.137-141(IN), |
#Pages | 5 |
Date of Issue | 2015-12-10 (IN) |