-
Essay / DDos - 707
3.2 SYN Cookie DefenseAs discussed earlier, there is a DDoS SYN Flood attack, which involves sending a large amount of TCP SYN requests to flood the server, making it unavailable. If the server allocation is for legitimate requests, attackers will not exhaust the server. Intrusion detection regarding SYN requests is a form of defense. There is a common algorithm to use when using intrusion detection. When continuously monitoring traffic, there is no need to start subdetection in queries. When the sniff test shows normal traffic, the possibility of attack is low because the potential for false negatives is low. On the other hand, when traffic is abnormal, the algorithm should stop and activate the secondary filter, trying to find most attack actions. Figure 6 shows a flowchart of such an algorithm. SYN cookie technology uses the idea that when resending the TCP SYN + ACK packet, the TCP server sends a cookie value instead of a specific data area [6]. As a result, the server can check the cookie value when receiving the response. One of the major problems with its current operation is that it requires great computational complexity. Few approaches have been used to reduce complexity using temporary storage of SYN packet information, but this requires large data capacity. There is a new algorithm that incorporates a random key to encrypt information packets, increasing security, speed and safety. Additionally, the new program adds optional IP options for validating a trusted packet. Many other researchers are looking for more SYN defense methods to protect TCP protocols. 3.3 Stochastic fairness queue As mentioned before, attackers frequently use Flood-ba...... middle of paper .......1 (2012): 27-33. Print.[8] Kiruthika, first N.1. “A new approach to defending against Ddos.” Computers and Telecommunications31.2 (2011): 93-101. Source of applied science and technology. Internet. February 25, 2014.[9] Lonea, Alina Madalina1, Daniela Elena2 and Huaglory3, Tianfield. “Detecting Ddos Attacks in a Cloud Computing Environment.” International Journal of Computers, Communications and Control 8.1 (2013): 70-78. Source of applied science and technology. Internet. February 25, 2014.[10] Sheth, Chirag and Rajesh Thakker. “Performance Evaluation and Comparison of Network Firewalls Under DDoS Attack.” International Journal of Computer Network and Information Security 5.12 (2013): 60-67. Print.[11] -, Yu Ming. “Mitigating Flood-Based DDoS Attacks Using Stochastic Fairness Queuing”. INTERNATIONAL JOURNAL ON Advances in Information and Service Sciences 4.6 (2012): 145-52. Print.