A lab implementation of SYN flood attack and defense

Yuan, Dongqing; Zhong, Jiling

doi:10.1145/1414558.1414575

Cited by 19 publications

(7 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…t Y for all prediction traces are plotted in Figure 3. For all the traces tested, 3 ' t Y are mostly zeros and always much smaller than the threshold. Hence, no false alarms are reported.…”

Section: Normal Traffic Testmentioning

confidence: 94%

“…The server sends the SYN-ACK to the spoofed IP addresses, and never receives the ACK packets back. Once all resources set aside for halfopen connections are reserved, new connections cannot be made, resulting in DoS [3]. Furthermore, some other system resources, such as CPU and network bandwidth used to retransmit the SYN/ACK packets, are occupied and overloaded [4].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

ARM-CPD: Detecting SYN flooding attack by traffic prediction

Sun

Wang

Yan

et al. 2009

2009 2nd IEEE International Conference on Broadband Network &Amp; Multimedia Technology

View full text Add to dashboard Cite

This paper proposed an ARM-CPD scheme that is a simple but fast and effective approach to detect SYN flooding attacks. Instead of managing all real time ongoing traffic on the network, ARM-CPD only monitors the SYN packet and use it to predict the SYN packet in the near future to detect the SYN flooding attacks. To get the prediction SYN traffic, the Autoregressive Integrated Moving Average Model (ARIMA) is proposed; and to make the detection method insensitive to site and access pattern, a non-parametric Cumulative Sum (CUSUM) algorithm is applied. The trace-driven simulations demonstrate that ARM-CPD can shorten the detection time of SYN flooding attack effectively.

show abstract

“…t Y for all prediction traces are plotted in Figure 3. For all the traces tested, 3 ' t Y are mostly zeros and always much smaller than the threshold. Hence, no false alarms are reported.…”

Section: Normal Traffic Testmentioning

confidence: 94%

Section: Introductionmentioning

confidence: 99%

ARM-CPD: Detecting SYN flooding attack by traffic prediction

Sun

Wang

Yan

et al. 2009

2009 2nd IEEE International Conference on Broadband Network &Amp; Multimedia Technology

View full text Add to dashboard Cite

show abstract

“…Hands-on lab exercises on various information security topics have focus primarily on desktop environments, whether physical or virtual, and consequently can be implemented only inside isolated laboratories environments (Whitman et al 2014;Trabelsi and Alketbi 2013;Trabelsi 2011;Vigna 2003a, b;Yuan and Zhong 2008;Caltagirone et al 2006;Hill et al 2001, andTrabelsi andMustafa 2014). Recently, the computing landscape, however, is shifting.…”

Section: Introductionmentioning

confidence: 99%

Android based mobile apps for information security hands-on education

et al. 2015

View full text Add to dashboard Cite

As mobile devices grow increasingly in popularity within the student community, novel educational activities and tools, as well as learning approaches can be developed to get benefit from this prevalence of mobile devices (e.g. mobility and closeness to students' daily lives). Particularly, information security education should reflect the current trend in computing platforms away from the desktop and towards mobile devices. This paper discusses a case study of a learning approach that aims at taking advantages of the benefits of mobile devices and the best practices in learning information security, as well as promoting students' interests and increasing their self-efficacy. The learning approach uses two Android learning apps to enhance students' hands-on skills on firewall filtering rules implementation, by practicing network traffic filtering outside the traditional laboratory activities, in the real-world environment; i.e., anywhere and anytime, at the students' convenience. Practically, the two Android apps are a firewall app and a packet generator app; both apps are freely available at Google Play Store. Based on statistics from the Google Play Store, in about one and a half years, the packet generator app turned popular with over 20,000 downloads worldwide and a 3.75 users' rating. A comparative analysis of various existing Android firewall apps with the proposed firewall app emphasizes its significance. The impact of the Android apps on the students' performance in terms of achieving the course outcomes is also discussed.

show abstract

“…However, there is growing interest in offensive techniques, which were originally developed by hackers [2,6,7,8,14,15,19]. Teaching ethical hacking techniques is becoming a necessary component of information security curriculum as it yields better security professionals than other curricula teaching defensive techniques alone.…”

Section: Introductionmentioning

confidence: 99%

Enhancing the comprehension of network sniffing attack in information security education using a hands-on lab approach

Trabelsi

2014

Proceedings of the 15th Annual Conference on Information Technology Education

View full text Add to dashboard Cite

Sniffing attack is a common network attack and a fundamental topic to information security education. The sniffing attack is usually used by malicious users to spy network traffic, and to collect confidential and sensitive information. With the objective of enhancing information security education, this paper discusses what fundamental security concepts and handson skills the students need to know and acquire about network sniffing attack, respectively. The learning objective of the discussed hands-on lab exercises is to teach students how to practically sniff network traffic in an isolated network laboratory environment and detect hosts preforming sniffing activities. The paper does so in the hope that it will encourage the teaching of sniffing attack topic when offering courses on network security, using a hands-on approach. The paper discusses also the implications of the offered hands-on lab exercises on the students' performance and learning outcomes.

show abstract

A lab implementation of SYN flood attack and defense

Cited by 19 publications

References 2 publications

ARM-CPD: Detecting SYN flooding attack by traffic prediction

ARM-CPD: Detecting SYN flooding attack by traffic prediction

Android based mobile apps for information security hands-on education

Enhancing the comprehension of network sniffing attack in information security education using a hands-on lab approach

Contact Info

Product

Resources

About