Defending Servers Against Naptha Attack By Using An Early Client Authentication Method

Loading...
Thumbnail Image
Date
2008-06
Authors
Cheng, Han Pin
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Naptha attack aims to disrupt TCP service a server provides by generating large amount of forged connections to the server. The targeted server includes secure shell server, mail server, web server and file server. These servers typically create one process or one thread for each established incoming request regardless of whether the client is legitimate or not. Once the maximum process limit or thread limit is reached, new request will be closed and dropped. Hence, Naptha attack is also a Denial of Service attack. In this research, we propose Early Client Authentication Method (ECAM) in defending server that required client login against Naptha DoS attack. This method patches the gap between connection establishment and client validation which appears in current TCP implementation. The advantages of the proposed authentication method are simple, efficient and it does not introduce additional transaction between client and server. Results show that the proposed ECAM is capable in handling the attack on our test machine while continue serving its client.
Description
Keywords
Naptha attack aims to disrupt , TCP service a server provides
Citation