Portal de Periódicos da CAPES

An Enhanced SYN Cookie Defence Method for TCP DDoS Attack

2011; Academy Publisher; Volume: 6; Issue: 8 Linguagem: Inglês

10.4304/jnw.6.8.1206-1213

1796-2056

Bo Hang, Ruimin Hu, Wei Shi,

Anomaly Detection Techniques and Applications

With the development of network, the issues of network security are rapidly becoming a serious problem, and the Denial of Service (DoS) attack has already become the greatest threat to the network. SYN Flood attack is one of the most common distributed denial of service attack way (DDoS). This paper presents an improved SYN Cookie method, designing a novel attack detector processing and a enhanced attack respondor with a new cookie verification algorithm and changing the definition of cookie field, to reduce algorithm complexity with the ensurance of security. The experiment results show that the proposed method provided an average computational complexity reduction of 30% compared with the traditional method. The new method can be an effective defense against the TCP SYN Flood attack with a lower complexity.