Abstract
The TCP SYN flooding (half-open connection) attack is a type of DDoS attack, which denies the services by consuming the server resources. This attack prevents legitimate users from using their desired service. The SYN flooding attack exploits the normal TCP three-way handshake by sending stream of SYN packets to the server with spoofed IP addresses. The detection of this attack is hard since the internet routing infrastructure cannot differentiate between legitimate and spoofed SYN packets. In this paper we present a new detection method for the SYN flooding attack based on Multifractal Detrended Fluctuation Analysis (MFDFA) in addition to an adaptive threshold, thus we can detect the abnormal behavior in the TCP protocol time series.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
