ETRI-Knowledge Sharing Plaform

ENGLISH

성과물

논문 검색
구분 SCI
연도 ~ 키워드

상세정보

학술대회 Defense against TCP Flooding Attack
Cited 1 time in scopus Download 1 time Share share facebook twitter linkedin kakaostory
저자
윤승용, 오진태, 김익균, 장종수
발행일
201207
출처
International Conference on Security and Cryptography (SECRYPT) 2012, pp.416-420
협약과제
12PG1400, 스마트 단말의 정보유출 방지를 위한 MTM기반 보안 핵심 기술 개발, 조현숙
초록
This paper generally relates to a DDoS attack prevention method, more particularly, to a Transmission Control Protocol (TCP) flooding attack prevention method which defines several session states based on the type and direction of a packet, tracks the session state for each flow, and detects and responds to a flooding attack. An anti-DDoS system with a capacity of 20Gbps throughput, we call 'ALADDIN' system, was implemented in FPGA based reconfigurable hardware. The possibility of high-speed hardware implementation was shown in this paper. The system was tested using existing DDoS attack tools in 8Gbps of background traffic. According to the test results, TCP flooding attacks could be defended through our proposed method rapidly and accurately.
KSP 제안 키워드
Attack prevention, Background Traffic, DDoS attack tools, Flooding attack, Hardware Implementation, High Speed, Prevention method, Reconfigurable Hardware, Transmission Control Protocol(TCP)