Defense against SYN Flooding Attacks: A Scheduling Approach
Journal Title: Journal of Information Systems and Telecommunication - Year 2014, Vol 2, Issue 1
Abstract
The TCP connection management protocol sets a position for a classic Denial of Service (DoS) attack, called the SYN flooding attack. In this attack attacker sends a large number of TCP SYN segments, without completing the third handshaking step to quickly exhaust connection resources of the victim server. Therefore it keeps TCP from handling legitimate requests. This paper proposes that SYN flooding attack can be viewed metaphorically as result of an unfair scheduling that gives more opportunity to attack requests but prevents legal connections from getting services. In this paper, we present a scheduling algorithm that ejects the half connection with the longest duration, when number of half open connections reaches to the upper bound. The simulation results show that the proposed defense mechanism improves performance of the under attack system in terms of loss probability of requests and share of regular connections from system resources.
Authors and Affiliations
Shahram Jamali, Gholam Shaker
Keywords
Related Articles
- EP ID EP185974
- DOI 10.7508/jist.2014.01.007
- Views 131
- Downloads 0
Defense against SYN Flooding Attacks: A Scheduling Approach
The TCP connection management protocol sets a position for a classic Denial of Service (DoS) attack, called the SYN flooding attack. In this attack attacker sends a large number of TCP SYN segments, without completing th...
Towards Accelerating IP Lookups on Commodity PC Routers using Bloom Filter: Proposal of Bloom-Bird
Nowadays, routers are the main backbone of computer networks specifically the Internet. Moreover, the need for high-performance and high-speed routers has become a fundamental issue due to significant growth of informati...
A New Architecture for Intrusion-Tolerant Web Services Based on Design Diversity Techniques
Web services are the realization of service-oriented architecture (SOA). Security is an important challenge of SOAP-based Web services. So far, several security techniques and standards based on traditional security mech...
A New Cooperative Approach for Cognitive Radio Networks with Correlated Wireless Channels
An effective cooperative cognitive radio system is proposed, when the wireless channels are highly correlated. The system model consists of two multi-antenna secondary users (SU TX and SU RX), constituting the desired li...
A New Node Density Based k-edge Connected Topology Control Method: A Desirable QoS Tolerance Approach
This research is an ongoing work for achieving consistency between topology control and QoS guarantee in MANET. Desirable topology and Quality of Service (QoS) control are two important challenges in wireless communicati...