Abstract
The TCP SYN flooding attack or assault is one of the most prominent methods for the controller layer and the target server exhaustion in software-defined networking (SDN). The switches in the data layer or plane are forced to transfer an enormous amount of illicit SYN requests that the adversary creates to the controller because there are no forwarding rules. This extensive forwarding strains the computing capacity of both the data layer and the control layer and clogs the transmission route connecting them. We suggest a dynamic threshold-based countermeasure in this research, named ProDetect, to proactively cater to the SYN flooding attack in the SDN environment. We have fully implemented ProDetect as a security extension on the SDN controller for verifying inbound TCP connections. For SYN requests those that pass through ProDetect's validation test, the controller installs data forwarding policies for them and other malicious hosts sending forged requests are blocked. Therefore, these hosts are barred from sending any new TCP requests to the switches present inside the data layer. We have also employed a strategy to cope with forged MAC addresses in this work. When compared with the existing approaches, the evaluation of performance conducted by the simulation data reveals that ProDetect demonstrates low side effects for legitimate TCP requests and increases the total response time through an onset of SYN flooding operation.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
