Defense against SYN flooding attacks: A particle swarm optimization approach

Defense against SYN flooding attacks: A particle swarm optimization approach

SYN flooding attack is a threat that has been designed based on vulnerabilities of the connection establishment phase of the TCP protocol. In this attack some sources send a large number of TCP SYN segments, without completing the third handshake step to quickly exhaust connection resources of the v...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Computers & electrical engineering 2014-08, Vol.40 (6), p.2013-2025
Hauptverfasser: Jamali, Shahram, Shaker, Vahid
Format: Artikel
Sprache:eng
Schlagworte:
Blocking
Buffers
Computer simulation
Flooding
Joints
Optimization
Swarm intelligence
TCP (protocol)
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:SYN flooding attack is a threat that has been designed based on vulnerabilities of the connection establishment phase of the TCP protocol. In this attack some sources send a large number of TCP SYN segments, without completing the third handshake step to quickly exhaust connection resources of the victim server. Hence, a main part of the server’s buffer space is allocated to the attack half open connections and incoming new connection requests will be blocked. This paper proposes a novel framework, in which, the defense issue is formulated as an optimization problem. Then it employs the particle swarm optimization (PSO) algorithm to solve this optimization problem. Our theoretical analysis and packet-level simulations in ns-2 environment show that the proposed defense strategy called PSO_SYN decreases the number of blocked TCP connection requests and cuts down share of attack connections from the buffer space.
ISSN:0045-7906
1879-0755
DOI:10.1016/j.compeleceng.2014.05.012