%0 Conference Proceedings
%T Syn Flood Attack Detection and Type Distinguishing Mechanism Based on Counting Bloom Filter
%+ Slovak University of Technology in Bratislava (STU)
%A Halagan, Tomáš
%A Kováčik, Tomáš
%A Trúchly, Peter
%A Binder, Andrej
%Z Part 1: Networks and System Architecture
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 3rd International Conference on Information and Communication Technology-EurAsia (ICT-EURASIA) and 9th International Conference on Research and Practical Issues of Enterprise Information Systems (CONFENIS)
%C Daejon, South Korea
%Y Ismail Khalil
%Y Erich Neuhold
%Y A Min Tjoa
%Y Li Da Xu
%Y Ilsun You
%I Springer
%3 Information and Communication Technology
%V LNCS-9357
%P 30-39
%8 2015-10-04
%D 2015
%R 10.1007/978-3-319-24315-3_4
%K DoS detection
%K DoS identification
%K Counting Bloom Filter
%K TCP
%K SYN
%K Flood attack
%K Network security
%Z Computer Science [cs]
%Z Humanities and Social Sciences/Library and information sciences
Conference papers
%X The presented work focuses on the proposal, implementation and evaluation of a new method for detection and type identification of SYN flood (DoS) attacks. The method allows distinguishing the type of detected SYN flood attacks – random, subnet or fixed. Based on a Counting Bloom filter, an attack detection and identification algorithm is proposed, implemented and evaluated in the KaTaLyzer network traffic monitoring tool. A proof of correctness of the approach for TCP SYN flood attack detection and type identification is provided – both in practical and theoretical manners. In practice, a new module for KaTaLyzer is implemented; TCP attacks are detected and identified, and the network administrator is notified about them in real time.
%G English
%Z TC 5
%Z TC 8
%Z WG 8.9
%2 https://inria.hal.science/hal-01466237/document
%2 https://inria.hal.science/hal-01466237/file/978-3-319-24315-3_4_Chapter.pdf
%L hal-01466237
%U https://inria.hal.science/hal-01466237
%~ SHS
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-TC5
%~ IFIP-WG
%~ IFIP-TC8
%~ IFIP-ICT-EURASIA
%~ IFIP-WG8-9
%~ IFIP-LNCS-9357
%~ IFIP-CONFENIS