Defending Servers Against Naptha Attack By Using An Early Client Authentication Method
Loading...
Date
2008-06
Authors
Cheng, Han Pin
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Naptha attack aims to disrupt TCP service a server provides by generating
large amount of forged connections to the server. The targeted server includes secure
shell server, mail server, web server and file server. These servers typically create one
process or one thread for each established incoming request regardless of whether the
client is legitimate or not. Once the maximum process limit or thread limit is reached,
new request will be closed and dropped. Hence, Naptha attack is also a Denial of
Service attack. In this research, we propose Early Client Authentication Method (ECAM)
in defending server that required client login against Naptha DoS attack. This method
patches the gap between connection establishment and client validation which appears
in current TCP implementation. The advantages of the proposed authentication method
are simple, efficient and it does not introduce additional transaction between client and
server. Results show that the proposed ECAM is capable in handling the attack on our
test machine while continue serving its client.
Description
Keywords
Naptha attack aims to disrupt , TCP service a server provides