A Detecting Approach for SYN Flooding Attacks with Fuzzy Logic
SYN flooding attacks has received much attention in network security community.A variety of algorithms for detecting such attacks have been published.However,since the rate of normal network traffic may vary,we cannot use an explicit threshold of SYN arrival rates to detect SYN Flooding traffic.Hence,it is different to distinguish the SYN packets of normal TCP connections from those of SYN Flooding attack. In this paper,we propose a novel SYN flooding attack detection approach with fuzzy logic to find attacks with low time cost.This approach contains two phase: SYN traffic statistic and SYN detection.In SYN traffic statistic phase,we adopt bloom filter to compute the number of SYN and ACK packets.In SYN detection phase,we use fuzzy logic to detect whether the attacks occur.Experimental results show that our proposed approach is effective and efficient.
DoS SYN flooding attacks Bloom filter Fuzzy logic
Tongguang Zhang Hong Pan Ming Chen
Department of Computer and Information Engineering Xinxiang College Xinxiang,Henan 453000,China
国际会议
秦皇岛
英文
490-493
2010-11-05(万方平台首次上网日期,不代表论文的发表时间)