SynFlood attack Detection based on Distance computation in Space Geometry
This paper proposes a new SynFlood attack detection method based on the relationship between SYN segment, FIN segment and RST segment of T(P protocol. The method maps the relationship between the aforementioned three segments to the space geometry: their relation during a time quantum is mapped to a point, and a normal relation is mapped to a plane. The method detects SynFlood attack by calculating the distance between the point and the plane. The method exploits the continuity features of SynFlood attack to increase the accuracy rate and efficiency. The simulation results indicate that the method has favorable accuracy and higher data packet processing capability. It can be deployed at the backbone router in a large or medium-sized network.
synflood attack detection discriminated tuple degree of deviation
Huiyu Liu Kai Chen Xiaosu Chen
School of Computer Sci.& Tech.Huazhong Univ.of Sci.& Tech.Wuhan,China
国际会议
太原
英文
585-591
2010-10-22(万方平台首次上网日期,不代表论文的发表时间)