摘要 |
PURPOSE: A method for defending the denial of service (DOS) attack and an apparatus thereof are provided to effectively manage the memory which stores the TCP connection request information, thereby defending the DOS attack. CONSTITUTION: A receiver (610) receives the SYN packets. A first storage unit (620) stores the received SYN packets. A second storage unit (630) stores the doubtful SYN packets. A first detector (640) detects the SYN packets, which are received more than a first standard number from the same sender during a first standard time, among the SYN packets of the first storage unit. A connection request management unit (650) manages the connection request information by moving the detected doubtful SYN packets to the second storage unit. [Reference numerals] (610) Receiver; (620) First storage unit; (630) Second storage unit; (640) First detector; (650) Connection request management unit; (652) Second detector |