Abstract
SYN flooding is one of classical denial of service (DoS) attacks abusing the TCP 3-way handshake process. This attack causes a server not to accept additional connection requests by filling the server's backlog queue with malicious connection requests (SYNpackets). Although several methods have been proposed to solve the SYN Flooding attack, they cannot guarantee reliable connection establishments to clients under extremely aggressive SYN flooding attacks. In this paper, we propose a WhiteList-based defense scheme that increases connection success ratio of legitimate connection requests under SYN flooding attacks. We implemented this scheme as a Linux kernel module. Experimental results show that the proposed method ensures high connection success ratio for legitimate clients and effectively annuls bogus SYN flooding.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call