Defense against SYN Flooding Attacks: A Scheduling Approach
Journal Title: Journal of Information Systems and Telecommunication - Year 2014, Vol 2, Issue 1
Abstract
The TCP connection management protocol sets a position for a classic Denial of Service (DoS) attack, called the SYN flooding attack. In this attack attacker sends a large number of TCP SYN segments, without completing the third handshaking step to quickly exhaust connection resources of the victim server. Therefore it keeps TCP from handling legitimate requests. This paper proposes that SYN flooding attack can be viewed metaphorically as result of an unfair scheduling that gives more opportunity to attack requests but prevents legal connections from getting services. In this paper, we present a scheduling algorithm that ejects the half connection with the longest duration, when number of half open connections reaches to the upper bound. The simulation results show that the proposed defense mechanism improves performance of the under attack system in terms of loss probability of requests and share of regular connections from system resources.
Authors and Affiliations
Shahram Jamali, Gholam Shaker
Keywords
Related Articles
- EP ID EP185974
- DOI 10.7508/jist.2014.01.007
- Views 115
- Downloads 0
Internet Banking, Cloud Computing: Opportunities, Threats
With the extension of Internet and its applications, internet banking is introduced as an efficient and cost effective way to provide services to customers. Towards the end of previous decade, cloud computing has been of...
Extracting Credit Rules from Imbalanced Data: The Case of an Iranian Export Development Bank
Credit scoring is an important topic, and banks collect different data from their loan applicant to make an appropriate and correct decision. Rule bases are of more attention in credit decision making because of their ab...
Analysis of Imperfect Space Channel for the Next Generation Satellite Networks
An efficient space data management is imperative in guaranteeing the best performance with a fair distribution of next generation satellite networks. Therefore, one of the major challenges of implementing this kind of fu...
A New Node Density Based k-edge Connected Topology Control Method: A Desirable QoS Tolerance Approach
This research is an ongoing work for achieving consistency between topology control and QoS guarantee in MANET. Desirable topology and Quality of Service (QoS) control are two important challenges in wireless communicati...
A Global-Local Noise Removal Approach to Remove High Density Impulse Noise
Impulse noise removal from images is one of the most important concerns in digital image processing. Noise must be removed in a way that the main and important information of image is kept. Traditionally, the median filt...