首页    期刊浏览 2024年11月24日 星期日
登录注册

文章基本信息

  • 标题:Anomaly Detection of IP Header Threats
  • 本地全文:下载
  • 作者:Miss S. H. C. Haris ; Dr. Ghossoon Mohammed Waleed AlSaadoon ; Associate Professor Asso. Prof. Dr. R. B. Ahmad
  • 期刊名称:International Journal of Computer Science and Security (IJCSS)
  • 电子版ISSN:1985-1553
  • 出版年度:2011
  • 卷号:4
  • 期号:6
  • 页码:497-504
  • 出版社:Computer Science Journals
  • 摘要:Threats have become a big problem since the past few years since computer viruses are widely recognized as a significant computer threat. However, the role of Information Technology security must be revisit again since it is too often, IT security managers find themselves in the hopeless situation of trying to uphold a maximum of security as requested from management. While at the same time they are considered an obstacle in the way of developing and introducing new applications into business and government network environments. This paper will focus on Transmission Control Protocol Synchronize Flooding attack detections using the Internet Protocol header as a platform to detect threats, especially in the IP protocol and TCP protocol, and check packets using anomaly detection system which has many advantages, and applied it under the open source Linux. The problem is to detect TCP SYN Flood attack through internet security. This paper also focusing on detecting threats in the local network by monitoring all the packets that goes through the networks. The results show that the proposed detection method can detect TCP SYN Flooding in both normal and attacked network and alert the user about the attack after sending the report to the administrator. As conclusion, TCP SYN Flood and other attacks can be detected through this traffic monitoring tools if the abnormal behaviors of the packets are recognized such as incomplete TCP three-way handshake application and IP header length.
  • 关键词:TCP SYN Flood; rate-based detection; three-way handshake; IP Header; TCP Header
国家哲学社会科学文献中心版权所有