Table 1 Capturing network traffic by XOR DDoS
From: A study on efficient detection of network-based IP spoofing DDoS and malware-infected Systems
06:05:24.260515 IP x.x.x.x.7318 > y.y.y.y.80: Flags [S], seq 479609867:479610763,win65535,length896 | |
06:05:24.260540 IP x.x.x.x.2104 > y.y.y.y.80: Flags [S], seq 137948748:137949644,win65535,length896 | |
06:05:24.260560 IP x.x.x.x.58852 > y.y.y.y.80: Flags [S], seq 3856952941:3856953837,win65535,length 896 | |
··· | |
06:05:24.260574 IP x.x.x.x.4375 > y.y.y.y.80: Flags [S], seq 286734425:286735321,win65535,length896 | |
06:05:24.260583 IP x.x.x.x.62129 > y.y.y.y.80: Flags [SE], seq 4071711351:4071712247,win65535,length896 |