Method of Preventing TCP-Based Denial-of-Service Attacks on Mobile Devices
First Claim
1. A method of preventing a Denial of Service (DoS) attack by checking flow of packets transmitted between a base station and a mobile station using a Transmission Control Protocol (TCP) protocol, the method comprising the steps of:
when the base station transmits a connection request SYN packet for a TCP connection to the mobile device, and then the mobile device receives the transmitted connection request SYN packet, transmitting, at the mobile station, a connection request acknowledgement SYN/ACK_1 packet to the base station;
when the transmitted connection request acknowledgement SYN/ACK_1 packet is received, transmitting, at the base station, an acknowledgement ACK_2 packet corresponding to the connection request acknowledgement SYN/ACK_1 packet to the mobile device;
when the mobile device receives the transmitted acknowledgement ACK_2 packet, establishing the TCP connection; and
when the TCP connection is established, and then the mobile device receives a packet, in which a reset RST or connection request SYN flag is set, transmitted from the base station, terminating the established TCP connection.
Abstract
Provided is a method of preventing a Transmission Control Protocol (TCP)-based Denial of Service (DoS) attack on a mobile device. The method efficiently prevents a DoS attack in which an attacker wirelessly and constantly transmits TCP packets to the mobile device using the TCP protocol, thereby exhausting the resources of the wireless network and also the battery power on which the mobile device depends. An attack conventionally made in a wired network by abusing TCP three-way handshaking is more severe in the wireless network of mobile devices. To prevent such an attack on a mobile device, the method checks the three-way handshake and each subsequent transition, so that the mobile device can determine whether or not a received TCP packet is valid. Therefore, it is possible to efficiently prevent a DoS attack from exhausting wireless resources and the battery power of the mobile device.
19 Claims
1. Independent claim; text reproduced above under First Claim. Dependent claims: 2, 3, 11.
4. A method of preventing a Denial of Service (DoS) attack by checking flow of packets transmitted between a base station and a mobile station using a Transmission Control Protocol (TCP) protocol, the method comprising the steps of:
when the base station transmits a connection request SYN packet for a TCP connection to the mobile device, and then the mobile device receives the transmitted connection request SYN packet, transmitting, at the mobile device, a connection request acknowledgement SYN/ACK_1 packet to the base station;
receiving, at the base station, the transmitted connection request acknowledgement SYN/ACK_1 packet and then transmitting a finish FIN packet to the mobile device; and
when the mobile device receives the transmitted finish FIN packet, terminating the TCP connection.
Dependent claims: 7, 8, 12.
5. A method of preventing a Denial of Service (DoS) attack by checking flow of packets transmitted between a base station and a mobile station using a Transmission Control Protocol (TCP) protocol, the method comprising the steps of:
when the base station transmits a connection request SYN packet for a TCP connection to the mobile device, and then the mobile device receives the transmitted connection request SYN packet, transmitting, at the mobile device, a connection request acknowledgement SYN/ACK_1 packet to the base station;
receiving, at the base station, the transmitted connection request acknowledgement SYN/ACK_1 packet and then transmitting an acknowledgement finish ACK_2/FIN packet, in which an acknowledgement ACK_2 flag corresponding to the connection request acknowledgement SYN/ACK_1 packet and a FIN flag are set, to the mobile device; and
when the mobile device receives the transmitted acknowledgement finish ACK_2/FIN packet, terminating the TCP connection.
Dependent claims: 13, 16, 17.
6. A method of preventing a Denial of Service (DoS) attack by checking flow of packets transmitted between a base station and a mobile station using a Transmission Control Protocol (TCP) protocol, the method comprising the steps of:
when the base station transmits a connection request SYN packet for a TCP connection to the mobile device, and then the mobile device receives the transmitted connection request SYN packet, transmitting, at the mobile device, a connection request acknowledgement SYN/ACK_1 packet to the base station;
receiving, at the base station, the transmitted connection request acknowledgement SYN/ACK_1 packet and then retransmitting the connection request SYN packet to the mobile device; and
when the mobile device receives the retransmitted connection request SYN packet, terminating the TCP connection.
Dependent claims: 14, 18, 19.
9. A method of preventing a Denial of Service (DoS) attack by checking flow of packets transmitted between a base station and a mobile station using a Transmission Control Protocol (TCP) protocol, the method comprising the step of:
safely terminating a TCP connection when, after the TCP connection is established between the base station and the mobile device, the mobile device transmits a finish/acknowledgement FIN/ACK packet for normally terminating the TCP connection to the base station and then cannot receive an acknowledgement ACK_3 packet from the base station during a previously set timeout period.
Dependent claims: 10, 15.
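The transition checks the independent claims describe, collected into one per-connection state machine on the mobile-device side. This is an added illustration, not code from the patent; the `FlowChecker` class, its state names and the flag-set representation of a packet are assumptions, and the timeout value is whatever claim 9's "previously set timeout period" is configured to.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class State(Enum):
    LISTEN = 1        # waiting for the base station's SYN
    SYN_RCVD = 2      # SYN/ACK_1 sent, waiting for ACK_2
    ESTABLISHED = 3
    FIN_WAIT = 4      # device sent FIN/ACK, waiting for ACK_3
    CLOSED = 5


@dataclass
class FlowChecker:
    """Hypothetical per-connection checker of the handshake and each later transition."""
    timeout: float                      # claim 9's timeout period, in seconds
    state: State = State.LISTEN
    fin_sent_at: Optional[float] = None
    reason: str = ""                    # why the connection was terminated

    def _close(self, why: str) -> None:
        self.state, self.reason = State.CLOSED, why

    def receive(self, flags: set) -> State:
        """Feed the TCP flags of one packet received from the base station."""
        if self.state is State.LISTEN and flags == {"SYN"}:
            self.state = State.SYN_RCVD          # device answers with SYN/ACK_1
        elif self.state is State.SYN_RCVD:
            if flags == {"ACK"}:
                self.state = State.ESTABLISHED   # ACK_2 completes the handshake
            elif flags & {"FIN", "SYN"}:         # claims 4-6: FIN, ACK_2/FIN or repeated SYN
                self._close("handshake aborted by " + "/".join(sorted(flags)))
        elif self.state is State.ESTABLISHED and flags & {"RST", "SYN"}:
            self._close("unexpected " + "/".join(sorted(flags)))   # claim 1
        elif self.state is State.FIN_WAIT and "ACK" in flags:
            self._close("normal close, ACK_3 received")
        return self.state

    def send_fin(self, now: float) -> None:
        """Device begins a normal close by sending FIN/ACK at time `now`."""
        if self.state is State.ESTABLISHED:
            self.state, self.fin_sent_at = State.FIN_WAIT, now

    def tick(self, now: float) -> State:
        """Claim 9: no ACK_3 within the timeout, so terminate safely."""
        if self.state is State.FIN_WAIT and now - self.fin_sent_at >= self.timeout:
            self._close("ACK_3 timeout")
        return self.state
```

Ordinary data packets in ESTABLISHED (for example `{"ACK", "PSH"}`) leave the state unchanged; only the flag combinations the claims name cause termination.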