AIT Asian Institute of Technology

Modelling TCP SYN flooding attacks using multiagent system

Author: Piyhawat Sudsri
Call Number: AIT Thesis no.CS-13-09
Subject(s): Internet; TCP/IP (Computer network protocol); Intelligence agent (Computer software)

Note: A thesis submitted in partial fulfillment of the requirements for the degree of Master of Science in Computer Science, School of Engineering and Technology
Publisher: Asian Institute of Technology
Series Statement: Thesis ; no. CS-13-09
Abstract: A Denial of Service (DoS) attack is a malicious attempt to degrade the quality of services. Such attacks overuse services by straining software, hardware, or network links beyond their capacity. They can target either network links or network layers. Flooding a network link is the crudest form and requires nothing more than enough messages that the recipient cannot handle them; taking advantage of a vulnerability in the TCP/IP stack is more complicated, and the result is worse. Most DoS attacks target protocols in the stack running on communication systems, consuming their resources and making them unable to provide service to valid users. One well-known DoS attack is the TCP SYN flooding attack, which exploits the design of the Transmission Control Protocol (TCP) connection establishment procedure, the three-way handshake, by exhausting the data structure allocated for pending connections, preventing valid connection requests from being established with the server. The SYN flooding attack affects all applications that rely on TCP, such as web services, email systems and file transfer systems. Compared with other DoS attacks, the SYN flooding attack requires very little effort because the SYN message is tiny. Although the attack has been known for many years, there is no absolute solution, and variations of it are still seen today. In this thesis, TCP is modelled using a mathematical formal framework of multiagent systems. The attack is represented by runs, which are used to describe the semantics of the system. Different kinds of runs are presented in order to distinguish between legitimate and illegitimate connection requests. Existing firewall defence systems are selected to verify whether or not they are effective against the TCP SYN flooding attack.
Year: 2013
Corresponding Series Added Entry: Asian Institute of Technology. Thesis : no. CS-13-09
Type: Thesis
School: School of Engineering and Technology (SET)
Department: Department of Information and Communications Technologies (DICT)
Academic Program/FoS: Computer Science (CS)
Chairperson(s): Phan Minh Dung
Examination Committee(s): Vatcharaporn Esichaikul; Huyunh Trung Luong
Scholarship Donor(s): Royal Thai Airforce
Degree: Thesis (M. Sc.) - Asian Institute of Technology, 2013

