| | | | |
|
TCP SYN Flooding Defense
by Dr. Patrick Lincoln, Livio Ricciulli & Pankaj Kakkar.
Abstract
The TCP SYN flooding denial-of-service attack pointed out a weakness of then-current Internet protocols. There have since been many proposals to de fend against SYN flooding, some requiring significant changes to TCP. Several solutions attempting to re solve the TCP weakness are now generally available. We document these existing solutions and qualitatively compare them. We refine the analysis of the random drop approach and derive a simple and general way to improve its performance. Finally we show, through both analytical and packet-level simulations, the efficacy of the random drop approach in a variety of operating conditions.
Files
|
|
|