See this document in CiteSeerX!

Analysis of a Denial of Service Attack on TCP (1997)  (Make Corrections)  (78 citations)
Christoph L. Schuba, Ivan V. Krsul, Markus G. Kuhn, Eugene H. Spafford, Aurobindo Sundaram, Diego Zamboni
Proceedings of the 1997 IEEE Symposium on Security and Privacy



  Home/Search   Context   Related

 
View or download:
cl.cam.ac.uk/users/mgk2...synkill.ps.gz
cl.cam.ac.uk/~mgk25/synkill.ps.gz
sjsu.edu/faculty/schuba/pub/p...main.ps
Cached:  PS.gz  PS  PDF   Image  Update  Help

From:  cl.cam.ac.uk/users/mgk25/ (more)
From:  counterpane.com/bibli...year1997
Homepages:  C.Schuba  M.Kuhn
  

Rate this article: (best)
  Comment on this article  
Efficient network-based method for defending against SYN-flooding attacks

Abstract: This paper analyzes a network-based denial of service attack for IP (Internet Protocol) based networks. It is popularly called SYN flooding. It works by an attacker sending many TCP (Transmission Control Protocol) connection requests with spoofed source addresses to a victim's machine. Each request causes the targeted host to instantiate data structures out of a limited pool of resources. Once the target host's resources are exhausted, no more incoming TCP connections can be established, thus... (Update)

Cited by:   More
On Scalable Attack Detection in the Network - Ramana Rao Kompella (2004)   (Correct)
WebSOS: An Overlay-based System for Protecting Web .. - Stavrou, Cook.. (2005)   (Correct)
A Scalable Set-Union Counting Approach to Pushing Back DDoS.. - Kwok, Cai, Hwang (2004)   (Correct)

Active bibliography (related documents):   More   All
0.5:   Distributed Denial of Service Attacks - Lau, Rubin, Smith, Trajovic (2000)   (Correct)
0.4:   Defending against a Denial-of-Service Attack on TCP - Mutaf (1999)   (Correct)
0.2:   Issues in the Incorporation of Security Services into a.. - Tripunitara, Spafford   (Correct)

Similar documents based on text:   More   All
0.4:   Inferring Internet Denial-of-Service Activity - Moore, Voelker, Savage (2001)   (Correct)
0.4:   TCP SYN Flooding Defense - Ricciulli, Lincoln, Kakkar (1999)   (Correct)
0.3:   An Analysis of Using Reflectors for Distributed Denial-of-Service .. - Paxson (2001)   (Correct)

Related documents from co-citation:   More   All
28:   Practical network support for ip traceback - Savage, Wetherall et al. - 2000
22:   Network Ingress Filtering: Defeating Denial of Service Attacks which Employ IP S.. (context) - Ferguson, Senie - 1998
22:   A formal framework and evaluation method for network denial of service - Meadows - 1999

BibTeX entry:   (Update)

C. Schuba, I. Krsul, M. Kuhn, G. Spafford, A. Sundaram, and D. Zamboni. Analysis of a denial of service attack on TCP. In Proceedings of the 1997 IEEE Symposium on Security and Privacy, pages 208--223. IEEE Computer Society Press, May 1997. http://citeseer.ist.psu.edu/article/schuba97analysis.html   More

@inproceedings{ schuba97:synkill,
  author = {Christoph L. Schuba and Ivan V. Krsul and Markus G. Kuhn and Eugene
  H. Spafford and Aurobindo Sundaram and Diego Zamboni},
  title = {Analysis of a Denial of Service Attack on {TCP}},
  booktitle = "Proceedings of the 1997 {IEEE} Symposium on Security and
  Privacy",
  year = 1997,
  month = {May},
  pages = {208--223},
  organization = {{IEEE} Computer Society},
  publisher = {{IEEE} Computer Society Press},
  URL = "citeseer.ist.psu.edu/article/schuba97analysis.html",
  URL = "https://www.cerias.purdue.edu/techreports-ssl/public/97-06.ps" }
Citations (may not include all citations):
267   Internetworking with TCP/IP (context) - Comer - 1995
58   Information Science Institute (context) - Postel, Internet - 1981
42   Addison--Wesley Publishing Company (context) - Knuth, of et al. - 1981
38   Practical UNIX & Internet Security (context) - Garfinkel, Spafford - 1996
12   IP Spoofing Attacks and Hijacked Terminal Connections (context) - Response, CERT et al. - 1995
9   RFC-- 1750 Randomness Recommendations for Security (context) - Eastlake, Crocker et al. - 1994
9   Project neptune (context) - route - 1996
8   TCP SYN Flooding and IP Spoofing Attacks (context) - Response, CERT et al. - 1996
7   Network ingress filtering (context) - Ferguson - 1996
6   RFC--793 Transmission Datagram Protocol (context) - Postel - 1981
5   RFC--1597 Address Allocation for Private Internets (context) - Rekhter, Moskowitz et al. - 1994
3   TCP SYN Flooding Attack and the FireWall-1 SYNDefender (context) - Ltd - 1996
2   Defining Strategies to Protect Against TCP SYN Denial of Ser.. (context) - Inc - 1996
1   Internet Access Company (context) - Corcoran, at - 1996
1   RealSecure User's Guide and Reference Manual (context) - Systems - 1996
1   Sun Security Bulletin (context) - Graff - 1996
1   Announces Defense agains SYN Flooding Attacks (context) - Laboratories, Labs - 1996
1   Flood warning (context) - Fairlane - 1996
1   Englewood Cliffs (context) - Stevens, Wright et al. - 1995
1   Savvy Hacker Tangles Web For Net Host (context) - Ziegler - 1996



The graph only includes citing articles where the year of publication is known.

Documents on the same site (http://www.cl.cam.ac.uk/users/mgk25/):   More
StegFS: A Steganographic File System for Linux - McDonald, Kuhn (1999)   (Correct)
Low Cost Attacks on Tamper Resistant Devices - Anderson, Kuhn (1997)   (Correct)
Optical Time-Domain Eavesdropping Risks of CRT Displays - Kuhn (2002)   (Correct)

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC