首页>
外国专利>
Statistical methods for detecting TCP SYN flood attacks
Statistical methods for detecting TCP SYN flood attacks
展开▼
机译:TCP SYN Flood攻击检测统计方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
Methods of detecting TCP SYN flooding attacks at a router located between a LAN and a network such as the Internet are described. The methods rely on a counting arrangement in which SYN and Fin packets are counted on both the LAN side and the network or Internet side of the router during a time interval. Weighting factors are applied to each count, the factor for the LAN side count having the opposite polarity to the factor for the network side count. The absolute values of the sums of the weighting factors of like polarity are equal. An abnormal number of unsuccessful connection attempts are determined based on a parameter calculated using the weighting factors in conjunction with the respective counts.
展开▼