Abstract

Distributed denial-of-service attacks on public servers have become a serious problem since 2000. In the distributed denial-of-service (DDoS) attacks often seen recently, multiple distributed nodes concurrently attack a single server. To ensure that network services are not interrupted, faster and more effective defense mechanisms are needed to protect against malicious traffic, especially SYN floods. One problem in detecting SYN flood traffic is that server nodes or firewalls cannot distinguish the SYN packets of normal TCP connections from those of a SYN flood attack. Our method, FDFIX, relies on monitoring and measurement techniques to evaluate the impact of DoS attacks, and it uses flow-based measurements. Capturing flow information is very important for detecting DoS and other kinds of attacks. Flow monitoring allows suspicious traffic to be detected; in the next step, the attacking flows can be analyzed and the results used for defense methods. Our method provides the required information for many mechanisms that use traffic measurement as their input.
