Abstract
The kernel of the Linux server is analyzed to find out the main cause of the server’s denial of service when it is attacked. In the kernel, when the connection request information memory is full, the new connection request is discarded. Therefore, the printk function was used to alert the kernel output log when the memory was full, the processing of discarding the connection request in the kernel was changed, and the function tcp_syn_flood_action was applied to full memory processing. In the function tcp_syn_flood_action, the free function was used to release the memory according to the condition, so that the new connection request has a storage space, thereby offering the server’s normal service. Finally, the proposed defense technology is verified to be effective.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Zhao, K., Li, X.: Principle, detection and defense technology of SYN Flooding network attack. J. South Mech. Electr. Coll. 18(03), 45–46+ 112 (2010)
Wei, D.: I have to know the server three attack killers. Comput. Netw. 42(22), 51 (2016)
Fapadopoulos, C., Lindell, R.: COSSACK: coordinated suppression of simultaneous attacks. In: Proceedings of DARPA Information Survivability Conference and Exposition, vol. 2, pp. 94–96 (2003)
Savage, S., Wetherall, D.: Network support for IP trace back. IEEE/ACM Trans. Netw. 9(3), 226–237 (2001)
Peng, T., Leckie, C.: Protection from distributed denial of service attacks using history-based 1P filtering. In: IEEE International Conference on Communications, Alaska, USA, pp. 186–482. Electronic and Electrical Engineering publishing company (2003)
Liu, Y., He, Y.: SYN Flood detection method based on statistical features. Softw. Eng. 20(04), 4–8 (2017)
Han, X.: Design and implementation of DDoS attack defense system. Harbin Engineering University (2015)
Huang, H., Hu, X., Ma, M., Li, P.: Research on comprehensive experiment teaching reform of SYN flood network security. Comput. Knowl. Technol. 14(14), 127–130 (2018)
Yang, X.: TCP/IP related protocols and their applications. Commun. World 26(01), 27–28 (2019)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Lang, D., Ding, W., Xiang, Y., Liu, X. (2019). Analysis and Defense of Network Attacking Based on the Linux Server. In: Cheng, X., Jing, W., Song, X., Lu, Z. (eds) Data Science. ICPCSEE 2019. Communications in Computer and Information Science, vol 1058. Springer, Singapore. https://doi.org/10.1007/978-981-15-0118-0_28
Download citation
DOI: https://doi.org/10.1007/978-981-15-0118-0_28
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-0117-3
Online ISBN: 978-981-15-0118-0
eBook Packages: Computer ScienceComputer Science (R0)