An experimental study on the applicability of SYN cookies to networked constrained devices. (23rd June 2017)
- Record Type:
- Journal Article
- Title:
- An experimental study on the applicability of SYN cookies to networked constrained devices. (23rd June 2017)
- Main Title:
- An experimental study on the applicability of SYN cookies to networked constrained devices
- Authors:
- Echevarria, Juan Jose
Garaizar, Pablo
Legarda, Jon - Abstract:
- Summary: The Internet protocol suite is increasingly used on devices with constrained resources that operate as both clients and servers within the Internet of Things paradigm. However, these devices usually apply few—if any—security measures. Therefore, they are vulnerable to network attacks, particularly to denial of service attacks. The well‐known SYN flood attack works by filling up the connection queue with fake SYN requests. When the queue is full, new connections cannot be opened until some entries are removed after a time‐out. Class 2 constrained devices—according to the RFC 7228—are highly vulnerable to this attack because of their limited available memory, even in low‐rate attacks. This paper analyses and compares in a class 2 constrained device the performance of 2 commonly used defence mechanisms (ie, recycle half‐open connections and SYN cookies) during a low‐rate SYN flood. We first review 2 SYN cookies implementations (ie, Linux and FreeBSD) and compare them with a hybrid approach in a class 2 device. Finally, experimental results prove that the proposed SYN cookies implementation is more effective than recycling the oldest half‐open connections.
- Is Part Of:
- Software, practice & experience. Volume 48:Number 3(2018)
- Journal:
- Software, practice & experience
- Issue:
- Volume 48:Number 3(2018)
- Issue Display:
- Volume 48, Issue 3 (2018)
- Year:
- 2018
- Volume:
- 48
- Issue:
- 3
- Issue Sort Value:
- 2018-0048-0003-0000
- Page Start:
- 740
- Page End:
- 749
- Publication Date:
- 2017-06-23
- Subjects:
- constrained devices -- denial of service -- Internet of Things -- network throughput -- SYN cookies
Computer software -- Periodicals
Computer programming -- Periodicals
Computer programs -- Periodicals
005.3 - Journal URLs:
- http://onlinelibrary.wiley.com/ ↗
- DOI:
- 10.1002/spe.2510 ↗
- Languages:
- English
- ISSNs:
- 0038-0644
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 8321.453000
British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store - Ingest File:
- 5801.xml