Method of Preventing TCP-Based Denial-of-Service Attacks on Mobile Devices

US 20100299753A1
Filed: 09/14/2007
Published: 11/25/2010
Est. Priority Date: 08/08/2007
Status: Active Grant

First Claim

Patent Images

1. A method of preventing a Denial of Service (DoS) attack by checking flow of packets transmitted between a base station and a mobile station using a Transmission Control Protocol (TCP) protocol, the method comprising the steps of:

when the base station transmits a connection request SYN packet for a TCP connection to the mobile device, and then the mobile device receives the transmitted connection request SYN packet, transmitting, at the mobile station, a connection request acknowledgement SYN/ACK_—1 packet to the base station;

when the transmitted connection request acknowledgement SYN/ACK_—1 packet is received, transmitting, at the base station, an acknowledgement ACK_—2 packet corresponding to the connection request acknowledgement SYN/ACK_—1 packet to the mobile device;

when the mobile device receives the transmitted acknowledgement ACK_—2 packet, establishing the TCP connection; and

when the TCP connection is established, and then the mobile device receives a packet, in which a reset RST or connection request SYN flag is set, transmitted from the base station, terminating the established TCP connection.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Provided is a method of preventing a Transmission Control Protocol (TCP)-based Denial of Service (DoS) attack on a mobile device. The method efficiently prevents a DoS attack on a mobile device, which wirelessly and constantly transmits TCP packets to the mobile device using a TCP protocol and thereby exhausts resources of a wireless network and also battery power of the mobile device depending on a battery. An attack conventionally made in a wired network by abusing TCP-based three-way handshaking is more severe in the wireless network of mobile devices. To prevent such an attack on a mobile device, the method capable of checking three-way handshaking and each transition operation makes the mobile device check whether or not a received TCP packet is valid. Therefore, it is possible to efficiently prevent a DoS attack from exhausting wireless resources and battery power of the mobile device.

64 Citations

View as Search Results

19 Claims

1. A method of preventing a Denial of Service (DoS) attack by checking flow of packets transmitted between a base station and a mobile station using a Transmission Control Protocol (TCP) protocol, the method comprising the steps of:
- when the base station transmits a connection request SYN packet for a TCP connection to the mobile device, and then the mobile device receives the transmitted connection request SYN packet, transmitting, at the mobile station, a connection request acknowledgement SYN/ACK_—1 packet to the base station;
  
  when the transmitted connection request acknowledgement SYN/ACK_—1 packet is received, transmitting, at the base station, an acknowledgement ACK_—2 packet corresponding to the connection request acknowledgement SYN/ACK_—1 packet to the mobile device;
  
  when the mobile device receives the transmitted acknowledgement ACK_—2 packet, establishing the TCP connection; and
  
  when the TCP connection is established, and then the mobile device receives a packet, in which a reset RST or connection request SYN flag is set, transmitted from the base station, terminating the established TCP connection.
- View Dependent Claims (2, 3, 11)
- - 2. The method according to claim 1, wherein when the TCP connection is established, and then the mobile device cannot receive any packet during a previously set timeout period, it is determined that the base station has abnormally terminated the TCP connection, and the mobile device safely terminates the TCP connection.
  - 3. The method according to claim 2, wherein the timeout period is set to 0.5 seconds.
  - 11. A computer-readable recording medium storing a computer program capable of executing the method according to claim 1.

4. A method of preventing a Denial of Service (DoS) attack by checking flow of packets transmitted between a base station and a mobile station using a Transmission Control Protocol (TCP) protocol, the method comprising the steps of:
- when the base station transmits a connection request SYN packet for a TCP connection to the mobile device, and then the mobile device receives the transmitted connection request SYN packet, transmitting, at the mobile device, a connection request acknowledgement SYN/ACK_—1 packet to the base station;
  
  receiving, at the base station, the transmitted connection request acknowledgement SYN/ACK_—1 packet and then transmitting a finish FIN packet to the mobile device; and
  
  when the mobile device receives the transmitted finish FIN packet, terminating the TCP connection.
- View Dependent Claims (7, 8, 12)
- - 7. The method according to claim 4, wherein when the mobile device cannot receive any packet during a previously set timeout period after transmitting the connection request acknowledgement SYN/ACK_—
    - 1 packet to the base station, it is determined that the base station has abnormally terminated the TCP connection, and the mobile device safely terminates the TCP connection.
  - 8. The method according to claim 7, wherein the timeout period is set to 0.5 seconds.
  - 12. A computer-readable recording medium storing a computer program capable of executing the method according to claim 4.

5. A method of preventing a Denial of Service (DoS) attack by checking flow of packets transmitted between a base station and a mobile station using a Transmission Control Protocol (TCP) protocol, the method comprising the steps of:
- when the base station transmits a connection request SYN packet for a TCP connection to the mobile device, and then the mobile device receives the transmitted connection request SYN packet, transmitting, at the mobile device, a connection request acknowledgement SYN/ACK_—1 packet to the base station;
  
  receiving, at the base station, the transmitted connection request acknowledgement SYN/ACK_—1 packet and then transmitting an acknowledgement finish ACK_—2/FIN packet, in which an acknowledgement ACK_—2 flag corresponding to the connection request acknowledgement SYN/ACK_—1 packet and a FIN flag are set, to the mobile device; and
  
  when the mobile device receives the transmitted acknowledgement finish ACK_—2/FIN packet, terminating the TCP connection.
- View Dependent Claims (13, 16, 17)
- - 13. A computer-readable recording medium storing a computer program capable of executing the method according to claim 5.
  - 16. The method according to claim 5, wherein when the mobile device cannot receive any packet during a previously set timeout period after transmitting the connection request acknowledgement SYN/ACK_—
    - 1 packet to the base station, it is determined that the base station has abnormally terminated the TCP connection, and the mobile device safely terminates the TCP connection.
  - 17. The method according to claim 16, wherein the timeout period is set to 0.5 seconds.

6. A method of preventing a Denial of Service (DoS) attack by checking flow of packets transmitted between a base station and a mobile station using a Transmission Control Protocol (TCP) protocol, the method comprising the steps of:
- when the base station transmits a connection request SYN packet for a TCP connection to the mobile device, and then the mobile device receives the transmitted connection request SYN packet, transmitting, at the mobile device, a connection request acknowledgement SYN/ACK_—1 packet to the base station;
  
  receiving, at the base station, the transmitted connection request acknowledgement SYN/ACK_—1 packet and then retransmitting the connection request SYN packet to the mobile device; and
  
  when the mobile device receives the retransmitted connection request SYN packet, terminating the TCP connection.
- View Dependent Claims (14, 18, 19)
- - 14. A computer-readable recording medium storing a computer program capable of executing the method according to claim 6.
  - 18. The method according to claim 6, wherein when the mobile device cannot receive any packet during a previously set timeout period after transmitting the connection request acknowledgement SYN/ACK_—
    - 1 packet to the base station, it is determined that the base station has abnormally terminated the TCP connection, and the mobile device safely terminates the TCP connection.
  - 19. The method according to claim 18, wherein the timeout period is set to 0.5 seconds.

9. A method of preventing a Denial of Service (DoS) attack by checking flow of packets transmitted between a base station and a mobile station using a Transmission Control Protocol (TCP) protocol, the method comprising the step of:
- safely terminating a TCP connection when, after the TCP connection is established between the base station and the mobile device, the mobile device transmits a finish/acknowledgement FIN/ACK packet for normally terminating the TCP connection to the base station and then cannot receive an acknowledgement ACK_—3 packet from the base station during a previously set timeout period.
- View Dependent Claims (10, 15)
- - 10. The method according to claim 9, wherein the timeout period is set to 0.5 seconds.
  - 15. A computer-readable recording medium storing a computer program capable of executing the method according to claim 9.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung SDS (China) Co., Ltd. (Samsung Group)
Original Assignee
Samsung SDS (China) Co., Ltd. (Samsung Group)
Inventors
Yoo, In Seon

Granted Patent

US 9,055,099 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

H04L 63/1458   Denial of Service

H04L 69/16   Implementation or adaptatio...

H04W 12/126   Anti-theft arrangements, e....

Y02D 30/70   in wireless communication n...

Method of Preventing TCP-Based Denial-of-Service Attacks on Mobile Devices

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

64 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Method of Preventing TCP-Based Denial-of-Service Attacks on Mobile Devices

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

64 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links