Abstract

Distributed denial of service attacks have become more and more frequent nowadays. In 2013, a massive distributed denial of service (DDoS) attack was launched against Spamhaus causing the service to shut down. In this paper, we present a three-way handshaking server for Transmission Control Protocol (TCP) connection redirection utilizing TCP header options. When a legitimate client attempted to connect to a server undergoing an SYN-flood DDoS attack, it will try to initiate a three-way handshake. After it has successfully established a connection, the server will reply with a reset (RST) packet, in which a new server address and a secret is embedded. The client can, thus, connect to the new server that only accepts SYN packets with the corrected secret using the supplied secret.

Highlights

  • With the growing number of personal computers (PCs) connected to the Internet, malicious attackers try to break into and make good use of them

  • If the attack originates from a single host on the network, it is defined as a denial of service (DoS)

  • We demonstrate the basic ability of Transmission Control Protocol (TCP) connection redirection

Read more

Summary

Introduction

With the growing number of personal computers (PCs) connected to the Internet, malicious attackers try to break into and make good use of them. The term “botnet” is a network which is comprised of infected end-hosts under the control of a human operator, commonly known as the botmaster [1]. If the attack originates from a single host on the network, it is defined as a denial of service (DoS). If the attack originates from multiple devices across multiple networks, we call it a DDoS attack. Botnets usually participate in performing DDoS attacks. DoS/DDoS attacks have a long history, back to the 1990s, and have become more and more vicious. Transmission Control Protocol (TCP), as defined in Request For Comments (RFC) 793, is a connection-oriented, end-to-end reliable protocol. In a typical TCP connection, each device maintains its state and the corresponding sequence number to track the incoming sequences of packets. When an end-host device receives a new packet, it will send back an ACK (acknowledgement) packet, containing an acknowledgement number, which means the device has successfully received the data and is awaiting further incoming data as the number indicates

Methods
Results
Discussion
Conclusion

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.