| Presentation | 2015-12-18 A method of defending against SYN flood by limiting SYN packet using token bucket model Ikebuchi Ryoma, Kobayashi Takashi, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | A SYN flood is a kind of Denial-of-service (DoS) attack which abuses TCP server's behavior. SYN cookies have been used for protecting TCP servers from SYN flood. In this article, I overview how a SYN flood achieves and tactic of SYN cookies, and then I confirm the condition of achievement of SYN flood on Linux. Finally, I suggest a system that can defend a Linux server against SYN flood using token bucket filtering instead of SYN cookies. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | TCP / DoS attack / SYN flood / SYN cookies / token bucket model |
| Paper # | IN2015-94 |
| Date of Issue | 2015-12-10 (IN) |
| Conference Information | |
| Committee | IN / IA |
|---|---|
| Conference Date | 2015/12/17(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Hiroshima City University |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | Performance Analysis and Simulation, Robustness, Traffic and Throughput Measurement, Quality of Service (QoS) Control, Congestion Control, Overlay Network/P2P, IPv6, Multicast, Routing, DDoS, etc. |
| Chair | Hidetsugu Kobayashi(NTT) / Ken-ichi Yoshida(Univ. of Tsukuba) |
| Vice Chair | Katsunori Yamaoka(Tokyo Inst. of Tech.) / Hiroyuki Osaki(Kwansei Gakuin Univ.) / Masahiro Jibiki(NICT) / Yutaka Nakamura(Kyushu Inst. of Tech.) |
| Secretary | Katsunori Yamaoka(NTT) / Hiroyuki Osaki(KDDI) / Masahiro Jibiki(Tokyo Inst. of Tech.) / Yutaka Nakamura(Osaka Univ.) |
| Assistant | Yuichi Sudo(NTT) / Kunitake Kaneko(Keio Univ.) / Yuichiro Hei(KDDI R&D Labs.) / Hiroshi Yamamoto(Ritsumeikan Univ.) / Toshiki Watanabe(NEC) |
| Paper Information | |
| Registration To | Technical Committee on Information Networks / Technical Committee on Internet Architecture |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | A method of defending against SYN flood by limiting SYN packet using token bucket model |
| Sub Title (in English) | |
| Keyword(1) | TCP |
| Keyword(2) | DoS attack |
| Keyword(3) | SYN flood |
| Keyword(4) | SYN cookies |
| Keyword(5) | token bucket model |
| 1st Author's Name | Ikebuchi Ryoma |
| 1st Author's Affiliation | Kansai University Graduate School(Kansai Univ.) |
| 2nd Author's Name | Kobayashi Takashi |
| 2nd Author's Affiliation | Kansai University(Kansai Univ.) |
| Date | 2015-12-18 |
| Paper # | IN2015-94 |
| Volume (vol) | vol.115 |
| Number (no) | IN-370 |
| Page | pp.pp.137-141(IN), |
| #Pages | 5 |
| Date of Issue | 2015-12-10 (IN) |