Based on knowledge above, this paper studies the firewall which can defend common DoS attack: ①Analyzing the traditional algorithms, this paper gives an proposed algorithm which protects againstSYN flooding attackmore effectively and preserves a high throughput.
In the aspect of netvvork performance analysis, a new idea appears in the paper that, vvith the increase of netvvork load and the increase of connection rate, the model of netvvork traffic tends from instability towards Poisson distribution rather than vveight tailed distribution advanced 1990s and long range dependence distribution.
The system takes little resource for its performance, which is not only realizing the process-associating network supervisory function of individual firewall, and defending the attack of ICMP and SYN flood, but also realizing the bottom layer packet filter function in packet filter regulation of packet filter firewall's customers,and along with the surveillance of network circulated data package. It also offers linking information management in the development of individual firewall for the first time, which makes users master more network information.
Traditional flood attack (SYN flood) makes use of the leak of TCP prot ocol's three times handshake. This paper also uses Jpcap to put this kind of attack to realization, and compare this type of flood attack with SYN flood.
Distributed denial of service attack forms a prolific threat to Internet. The resources of servers are quickly consumed under such an attack, making them unav ailable to legitimate users. In this paper, we present a simply and applied dyn amic model for detecting SYN flooding attack, which is the most popular DOS atta ck. It can detect SYN flooding attack in real time effectively and accurately. We adapt a selfadaptive algorithm that is based on CUSUM (Cumulative S um) algorithm to decrease the ratio of f...
分布式拒绝服务攻击对 Internet威胁很大。正常服务器在这种攻击下资源会被很快消耗掉 ,从而不能为合法用户提供服务。本文提出了一个简单实用的动态检测模型用于检测 SY N洪水攻击,可以实时有效和准确地检测到最为流行的SYN洪水攻击。在模型中采用基于 CU SU M(Cumulative Sum)的自调整算法 ,可以有效降低系统的误报率
Network firewall is a computer network security product to a certain extent, which can defense the illegal invasion and attack on the Internet. Individual firewall is the only one which is suitable to PC users. The system takes little resource for its performance, which is not only realizing the process-associating network supervisory function of individual firewall, and defending the attack of ICMP and SYN flood, but also realizing the bottom layer packet filter function in packet filter regulation of pack...