Defense against SYN Flooding Attacks: A Scheduling Approach
Author(s):
Abstract:
The TCP connection management protocol sets a position for a classic Denial of Service (DoS) attack, called the SYN flooding attack. In this attack attacker sends a large number of TCP SYN segments, without completing the third handshaking step to quickly exhaust connection resources of the victim server. Therefore it keeps TCP from handling legitimate requests. This paper proposes that SYN flooding attack can be viewed metaphorically as result of an unfair scheduling that gives more opportunity to attack requests but prevents legal connections from getting services. In this paper, we present a scheduling algorithm that ejects the half connection with the longest duration, when number of half open connections reaches to the upper bound. The simulation results show that the proposed defense mechanism improves performance of the under attack system in terms of loss probability of requests and share of regular connections from system resources.
Keywords:
DoS Attack , SYN Flooding , Scheduling , TCP , Performance
Language:
English
Published:
Journal of Information Systems and Telecommunication, Volume:2 Issue: 1, Jan-Mar 2014
Page:
55
magiran.com/p1248343
دانلود و مطالعه متن این مقاله با یکی از روشهای زیر امکان پذیر است:
اشتراک شخصی
با عضویت و پرداخت آنلاین حق اشتراک یکساله به مبلغ 1,390,000ريال میتوانید 70 عنوان مطلب دانلود کنید!
اشتراک سازمانی
به کتابخانه دانشگاه یا محل کار خود پیشنهاد کنید تا اشتراک سازمانی این پایگاه را برای دسترسی نامحدود همه کاربران به متن مطالب تهیه نمایند!
توجه!
- حق عضویت دریافتی صرف حمایت از نشریات عضو و نگهداری، تکمیل و توسعه مگیران میشود.
- پرداخت حق اشتراک و دانلود مقالات اجازه بازنشر آن در سایر رسانههای چاپی و دیجیتال را به کاربر نمیدهد.
In order to view content subscription is required
Personal subscription
Subscribe magiran.com for 70 € euros via PayPal and download 70 articles during a year.
Organization subscription
Please contact us to subscribe your university or library for unlimited access!