The Research On Combating TCP Based Attacks On Mobile Devices

TCP based attack is a well known security problem that leads to consumption of mobile devices resources such as bandwidths, batteries as well as memory. The attack is common in new environments providing TCP-based network services (web service, email service) such as peer to peer networks and scenarios where wireless terminals act as servers. Verifying sources sending synchronize (SYN), acknowledge (ACK) or reset (RST) has been a great challenge.The existing solutions have focused much on verifying sources sending SYN requests and therefore encouraging attackers to use other means of exploiting the three TCP handshakes. Attackers are using spoofed or invalid RSTs and spoofed ACKs to render the TCP servers ineffective.This paper describes two mechanisms that verify the sources sending SYN requests, ACK and RST in order to distinguish invalid requests and responses from legitimate ones. The two mechanisms are Easy to use Firewall Design I and Easy to use Firewall Design II. The solution requires minimum modifications to the existing firewalls and reduces attackers'effective rate significantly.Further, the above mechanisms are tested to prove their effectiveness. The testing was done in environments involving high number of attacks and low number of attacks. The results showed that Easy to use Firewall Design I worked will in an environment with low number of attacks while Easy to use Firewall Design II worked well in an environment with high number of attacks. The results indicate that both mechanisms reduce attackers'effective rates significantly.It should be noted that implementing the above mechanisms involves minimum modifications to the existing firewalls therefore making the proposed solutions easy to use and cost effective and at the same time giving maximum protection to the TCP servers against TCP based attacks.