Syn Flood Attack Detection and Type Distinguishing Mechanism Based on Counting Bloom Filter

Halagan, Tomáš; Kováčik, Tomáš; Trúchly, Peter; Binder, Andrej

DSpace Home
→
Slovenská technická univerzita v Bratislave
→
Kapitoly
→
View Item

dc.contributor.author	Halagan, Tomáš
dc.contributor.author	Kováčik, Tomáš
dc.contributor.author	Trúchly, Peter
dc.contributor.author	Binder, Andrej
dc.date.accessioned	2020-02-12T13:18:57Z
dc.date.available	2020-02-12T13:18:57Z
dc.date.issued	2015-11
dc.identifier.isbn	978-3-319-24314-6
dc.identifier.uri	https://doi.org/10.1007/978-3-319-24315-3_4
dc.identifier.uri	https://repository-scidap.cvtisr.sk//xmlui/handle/123456789/23
dc.description.abstract	Presented work focuses onto proposal, implementation and evaluation of the new method for detection and type identification of SYN flood (DoS) attacks. The method allows distinguishing type of detected SYN flood attacks – random, subnet or fixed. Based on Counting Bloom filter, the attack detection and identification algorithm is proposed, implemented and evaluated in KaTaLyzer network traffic monitoring tool. Proof of correctness of the approach for TCP SYN flood attack detection and type identification is provided – both in practical and theoretical manners. In practice, new module for KaTaLyzer is implemented and TCP attacks are detected, identified and network administrator is notified about them in real-time.	en_US
dc.language.iso	en	en_US
dc.publisher	Springer, Cham
dc.subject	DoS detection	en_US
dc.subject	DoS identification	en_US
dc.subject	Counting Bloom Filter	en_US
dc.subject	TCP	en_US
dc.subject	SYN	en_US
dc.subject	Flood attack	en_US
dc.subject	Network security	en_US
dc.title	Syn Flood Attack Detection and Type Distinguishing Mechanism Based on Counting Bloom Filter	en_US
dc.type	Book chapter	en_US
dc.type	text