Abstract

PROBLEM TO BE SOLVED: To provide a defence against a distributed denial-of-service (DDoS) attack in a fixed embodiment.

SOLUTION: A distributed denial-of-service (DDoS) attack by TCP stateless hogs is defended against by using an extension of the keep-alive mechanism given in RFC 1122. A TCP server receives a new TCP connection request from a possible attacker and, in response, sends back a keep-alive probe packet that uses an "invalid" sequence number. For example, this "invalid" sequence number contains a random number selected to be far away from the real current sequence number. When a response packet is received from the potential attacker, the TCP server verifies the correctness of the acknowledgment number in the received packet, thereby judging whether the potential attacker is likely to be a TCP stateless hog.

COPYRIGHT: (C)2005,JPO&NCIPI
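The check described in the abstract, simulated as an added example that is not taken from the patent: the server picks a random probe sequence number far from its real next sequence number and accepts the peer only if the reply acknowledges the real one. `MIN_DISTANCE`, the result labels and the two peer models are assumptions made for illustration.

```python
import secrets

MOD = 1 << 32            # TCP sequence numbers are 32-bit and wrap around
MIN_DISTANCE = 1 << 30   # assumed meaning of "far away"; not given in the abstract

def seq_distance(a, b):
    """Shortest distance between two sequence numbers on the 32-bit circle."""
    d = (a - b) % MOD
    return min(d, MOD - d)

def pick_probe_seq(snd_nxt):
    """Random 'invalid' probe sequence number at least MIN_DISTANCE from SND.NXT."""
    offset = MIN_DISTANCE + secrets.randbelow(MOD - 2 * MIN_DISTANCE + 1)
    return (snd_nxt + offset) % MOD

def classify_reply(snd_nxt, reply_ack):
    """Server-side check of the acknowledgment number in the probe response."""
    if reply_ack is None:
        return "no-reply"        # hypothetical label; retry policy is out of scope
    if reply_ack == snd_nxt:
        return "legitimate"      # peer tracks the connection's real state
    return "suspect"             # ack was not derived from real connection state

class StatefulPeer:
    """Constructed model of a real TCP stack: it remembers RCV.NXT and, per
    RFC 793, answers an out-of-window segment with ACK = RCV.NXT."""
    def __init__(self, rcv_nxt):
        self.rcv_nxt = rcv_nxt
    def on_probe(self, probe_seq):
        return self.rcv_nxt

class StatelessPeer:
    """Constructed model of a sender that keeps no state and can only build
    its ack from the packet it just received."""
    def on_probe(self, probe_seq):
        return (probe_seq + 1) % MOD

def probe_peer(peer, snd_nxt):
    """Send one probe with an invalid sequence number and judge the answer."""
    probe_seq = pick_probe_seq(snd_nxt)
    return classify_reply(snd_nxt, peer.on_probe(probe_seq))

if __name__ == "__main__":
    snd_nxt = 0xFFFFFFF0  # constructed value near the wrap-around point
    print(probe_peer(StatefulPeer(snd_nxt), snd_nxt))
    print(probe_peer(StatelessPeer(), snd_nxt))
```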