Combating TCP Based Attacks on Mobile Devices

TCP based attack is a well known security problem that leads to consumption of mobile devices resources such as bandwidths, batteries as well as memory. The attack is common in new environments providing TCP-based network services (web service, email service) such as peer to peer networks and scenarios where wireless terminals act as servers. Verifying sources sending synchronize (SYN), acknowledge (ACK) or reset (RST) has been a great challenge. The existing solutions have focused much on verifying sources sending SYN requests and therefore encouraging attackers to use invalid RSTs and ACKs thus rendering the TCP servers ineffective. This paper describes two mechanisms that verify the sources sending SYN requests, ACK and RST in order to distinguish invalid requests and responses from legitimate ones. The solution requires minimum modifications to the existing firewalls and reduces attackerspsila effective rate significantly.