Defense against SYN Flooding Attacks: A Scheduling Approach
Journal Title: Journal of Information Systems and Telecommunication - Year 2014, Vol 2, Issue 1
Abstract
The TCP connection management protocol sets a position for a classic Denial of Service (DoS) attack, called the SYN flooding attack. In this attack attacker sends a large number of TCP SYN segments, without completing the third handshaking step to quickly exhaust connection resources of the victim server. Therefore it keeps TCP from handling legitimate requests. This paper proposes that SYN flooding attack can be viewed metaphorically as result of an unfair scheduling that gives more opportunity to attack requests but prevents legal connections from getting services. In this paper, we present a scheduling algorithm that ejects the half connection with the longest duration, when number of half open connections reaches to the upper bound. The simulation results show that the proposed defense mechanism improves performance of the under attack system in terms of loss probability of requests and share of regular connections from system resources.
Authors and Affiliations
Shahram Jamali, Gholam Shaker
Keywords
Related Articles
- EP ID EP185974
- DOI 10.7508/jist.2014.01.007
- Views 127
- Downloads 0
An Approach to Compose Viewpoints of Different Stakeholders in the Specification of Probabilistic Systems
Developing large and complex systems often involves many stakeholders each of which has her own expectations from the system; hence, it is difficult to write a single formal specification of the system considering all of...
A Fast and Accurate Sound Source Localization Method using Optimal Combination of SRP and TDOA Methodologies
This paper presents an automatic sound source localization approach based on combination of the basic time delay estimation sub method namely, Time Difference of Arrival (TDOA), and Steered Response Power (SRP) methods....
Quality Assessment Based Coded Apertures for Defocus Deblurring
A conventional camera with small size pixels may capture images with defocused blurred regions. Blurring, as a low-pass filter, attenuates or drops details of the captured image. This fact makes deblurring as an ill-pose...
SRR shape dual band CPW-fed monopole antenna for WiMAX / WLAN applications
CPW structure is became common structure for UWB and multi band antenna design and SRR structure is well-known kind of metamaterial that has been used in antenna and filter design for multi band application. In this pape...
Analysis and Evaluation of Techniques for Myocardial Infarction Based on Genetic Algorithm and Weight by SVM
Although decreasing rate of death in developed countries because of Myocardial Infarction, it is turned to the leading cause of death in developing countries. Data mining approaches can be utilized to predict occurrence...