| Distributed Denial of Service (DDoS) attack is currently one of the greatest threat on the internet. With the development of network technology, defence has become increasingly difficult. The SYN Flood attack is the more difficult to defend in the kind of DDos attacks, which uses the defect of three-way handshake protocol. In the first process of the three-way handshake, attacker sends a large number of forged source IP address of the SYN packet, to consume the server’s resources. So it becomes a difficulty in the defense of DDos.In order to prevent SYN Flood effectively which is a typical DDoS attack, on the basis of reading the literature and experimental verification, the thesis proposes some pratical solutions. Experiments confirm that these solutions can accurately and efficiently defense the SYN Flood attack.Compared to traditional design methods, the thesis proposes that protection system is divided into detection system and filtration system. On the research of detection system, the thesis proposes a warning method based on mathematical statistics and a efficient lookup method in the white and black list of libraries based on Sphinx engine. On the research of filtration system, for the problem of cookie algorithm of weak security, it proposes a method combined with improved MD5algorithm and public key encryption, the experimental results show that, its safety is greatly enhanced.In addition, accompanied by ACK Flood, the thesis proposes a method which maintains the records repository and uses the Sphinx engine, for recording customer information that initiated the request, this method effectively solves the problem of ACK Flood attacks. |
PDF Full Text Request