Vandalism occurring in cyberspace and resulting in Denial of Service (DoS) to authorized users of a Website or a computer system. In SYN flooding, an attacker initiates a connection to a legitimate service accessible from the Internet (such as by email or a Web server).
The setup of a TCP connection requires a three-way handshake, consisting of the following three steps: (1) the partner requesting a connection sends a SYN packet; (2) this packet is answered by a SYN-ACK packet by the receiver; (3) on reception of the SYN-ACK the initiating partner sends an ACK packet, thus completing the setup.
In a SYN-flood attack, a high number of connections are initiated, but the last step is never completed by the system attacker. This incomplete setup results in a high number of half-open connections on the exploited system that eventually consume all the system’s resources, thus preventing further legitimate connections from completing their course.
Schell, B.H. and Martin, C. Contemporary World Issues Series: Cybercrime: A Reference Handbook. Santa Barbara, CA: ABC-CLIO, 2004.