2005 | OriginalPaper | Buchkapitel
Session Table Architecture for Defending SYN Flood Attack
verfasst von : Xin Li, Zhenzhou Ji, Mingzeng Hu
Erschienen in: Information and Communications Security
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
Stateful Inspection has become a classical technology for network firewall. Existing session table architectures of Stateful Inspection firewalls cause high time cost of timeout processing. A new architecture is proposed. The new architecture divides a session entry into two separate parts, and designs different data structures for each other. On the base of multi-queue architecture, dynamical timeouts according to available resource improve securities of protected hosts against SYN flood attack. Experimental results show that the new architecture can work well in Gigabit Ethernet network.