计算机工程与科学2011,Vol.33Issue(4):35-39,5.DOI:10.3969.j.issn.1007-130X.2011.04.007
一个新的SYN Flood攻击防御模型的研究
Research on a New Intrusion Protection Model Against the SYN Flood Attacks
摘要
Abstract
Aiming at the drawbacks of the current SYN flood attack prevention methods, a new intrusion prevention model against the SYN flood attacks is put forward based on the three-way handshake process. When the network system is suffering from the SYN flood attacks, the first handshake requests with the typical SYN flood attack feature will be immediately picked out and abandoned permanently;thereby the attacked system has adequate resources to deal with the new normal network requests. Other first handshake requests with the suspected SYN flood attack feature will be abandoned temporarily,and then adaptive learning module is started to revise the current intrusion patterns. In the end, the SYN Flood attack detection module will be restarted to get the further precise determination based on the updated intrusion patterns. An efficient intrusion prevention system against the SYN Flood attacks is designed and implemented, and the experimental results show that our intrusion prevention system can improve the whole system's protection capability against the SYN flood attacks.关键词
SYN Flood攻击/网络安全/传输控制协议/入侵防御Key words
SYN flood attacks/ network security / transmission control protocol/intrusion prevention分类
信息技术与安全科学引用本文复制引用
曾小荟,冷明,刘冬生,李平,金士尧..一个新的SYN Flood攻击防御模型的研究[J].计算机工程与科学,2011,33(4):35-39,5.基金项目
江苏省自然科学基金资助项目(BK2008554) (BK2008554)
江西省教育厅科技计划项目(GJJ10538) (GJJ10538)
