Session Table Architecture for Defending SYN Flood Attack

Capítulo de livro Acesso aberto Revisado por pares

Session Table Architecture for Defending SYN Flood Attack

2005; Springer Science+Business Media; Linguagem: Inglês

10.1007/11602897_19

ISSN

1611-3349

Autores

Xin Li, Zhenzhou Ji, Mingzeng Hu,

Tópico(s)

Network Traffic and Congestion Control

Resumo

Stateful Inspection has become a classical technology for network firewall. Existing session table architectures of Stateful Inspection firewalls cause high time cost of timeout processing. A new architecture is proposed. The new architecture divides a session entry into two separate parts, and designs different data structures for each other. On the base of multi-queue architecture, dynamical timeouts according to available resource improve securities of protected hosts against SYN flood attack. Experimental results show that the new architecture can work well in Gigabit Ethernet network.

Ver no editor

Altmetric

PlumX

Entrar

Lembrar minha senha

Receber meu e-mail de confirmação

Session Table Architecture for Defending SYN Flood Attack