A Study and Detection of TCP SYN Flood Attacks With IP Spoofing and Its Mitigations
Flooding attacks are a major threat to the TCP/IP protocol suite today. Most attacks are launched over TCP and exhaust the resources and bandwidth of the machine. Flooding attacks are DDoS (Distributed Denial of Service) attacks that exploit weaknesses in network protocols. A SYN flood exploits TCP's three-way handshake: many SYN requests with spoofed source IP addresses are sent to the victim host, exhausting TCP's backlog queue and denying legitimate users the ability to connect. Capturing the packet flow is very important for detecting the DoS attack. This paper presents how the TCP SYN flood takes place and shows the number of packets received by the victim server under attack.
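The detection idea in the abstract, counting SYNs that reach the server and tracking handshakes that never complete, can be sketched as follows. This is an added example, not code from the paper. The packet records, the addresses (documentation ranges), the backlog size of 128 and the 3-second timeout are all constructed assumptions.

```python
# Added example: half-open connection tracking over constructed packet records.
SERVER = ("192.0.2.10", 80)          # assumed victim address (documentation range)

def sample_capture():
    """Constructed capture: one complete handshake, then 200 spoofed SYNs."""
    client = ("198.51.100.7", 40000)
    pkts = [(0.00, *client, *SERVER, "S"),
            (0.01, *SERVER, *client, "SA"),
            (0.02, *client, *SERVER, "A")]
    for i in range(200):             # spoofed sources never answer the SYN-ACK
        pkts.append((0.10 + i * 0.001, f"203.0.113.{i + 1}", 1024 + i, *SERVER, "S"))
    return pkts

def analyze(packets, server=SERVER, backlog=128, syn_timeout=3.0):
    """Count SYNs to `server` and track handshakes that were never completed."""
    half_open = {}                   # (src, sport) -> time the SYN was seen
    stats = {"syn": 0, "completed": 0, "peak_half_open": 0, "alert_at": None}
    for ts, src, sport, dst, dport, flags in sorted(packets, key=lambda p: p[0]):
        # Drop half-open entries older than the assumed timeout.
        for key in [k for k, t in half_open.items() if ts - t > syn_timeout]:
            del half_open[key]
        if (dst, dport) != server:
            continue                 # only client-to-server packets are counted
        if flags == "S":
            stats["syn"] += 1
            half_open[(src, sport)] = ts
        elif flags == "A" and (src, sport) in half_open:
            del half_open[(src, sport)]      # final ACK completes the handshake
            stats["completed"] += 1
        elif "R" in flags:
            half_open.pop((src, sport), None)
        stats["peak_half_open"] = max(stats["peak_half_open"], len(half_open))
        # Alert once half-open entries would fill the assumed backlog queue.
        if stats["alert_at"] is None and len(half_open) >= backlog:
            stats["alert_at"] = ts
    return stats

if __name__ == "__main__":
    print(analyze(sample_capture()))
```

A large gap between SYNs received and handshakes completed, rather than the SYN rate alone, is what distinguishes the flood from a burst of legitimate connections in this sketch.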