Cargando…
Detection and Mitigation of SYN Flooding Attacks through SYN/ACK Packets and Black/White Lists
Software-defined networking (SDN) is a new network architecture that provides programmable networks, more efficient network management, and centralized control than traditional networks. The TCP SYN flooding attack is one of the most aggressive network attacks that can seriously degrade network perf...
| Autores principales: | , , , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
MDPI
2023
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10143797/ https://www.ncbi.nlm.nih.gov/pubmed/37112158 http://dx.doi.org/10.3390/s23083817 |
| _version_ | 1785033943057170432 |
|---|---|
| author | Yang, Chun-Hao Wu, Jhen-Ping Lee, Fang-Yi Lin, Ting-Yu Tsai, Meng-Hsun |
| author_facet | Yang, Chun-Hao Wu, Jhen-Ping Lee, Fang-Yi Lin, Ting-Yu Tsai, Meng-Hsun |
| author_sort | Yang, Chun-Hao |
| collection | PubMed |
| description | Software-defined networking (SDN) is a new network architecture that provides programmable networks, more efficient network management, and centralized control than traditional networks. The TCP SYN flooding attack is one of the most aggressive network attacks that can seriously degrade network performance. This paper proposes detection and mitigation modules against SYN flooding attacks in SDN. We combine those modules, which have evolved from the cuckoo hashing method and innovative whitelist, to get better performance compared to current methods Our approach reduces the traffic through the switch and improves detection accuracy, also the required register size is reduced by half for the same accuracy. |
| format | Online Article Text |
| id | pubmed-10143797 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2023 |
| publisher | MDPI |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-101437972023-04-29 Detection and Mitigation of SYN Flooding Attacks through SYN/ACK Packets and Black/White Lists Yang, Chun-Hao Wu, Jhen-Ping Lee, Fang-Yi Lin, Ting-Yu Tsai, Meng-Hsun Sensors (Basel) Article Software-defined networking (SDN) is a new network architecture that provides programmable networks, more efficient network management, and centralized control than traditional networks. The TCP SYN flooding attack is one of the most aggressive network attacks that can seriously degrade network performance. This paper proposes detection and mitigation modules against SYN flooding attacks in SDN. We combine those modules, which have evolved from the cuckoo hashing method and innovative whitelist, to get better performance compared to current methods Our approach reduces the traffic through the switch and improves detection accuracy, also the required register size is reduced by half for the same accuracy. MDPI 2023-04-07 /pmc/articles/PMC10143797/ /pubmed/37112158 http://dx.doi.org/10.3390/s23083817 Text en © 2023 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). |
| spellingShingle | Article Yang, Chun-Hao Wu, Jhen-Ping Lee, Fang-Yi Lin, Ting-Yu Tsai, Meng-Hsun Detection and Mitigation of SYN Flooding Attacks through SYN/ACK Packets and Black/White Lists |
| title | Detection and Mitigation of SYN Flooding Attacks through SYN/ACK Packets and Black/White Lists |
| title_full | Detection and Mitigation of SYN Flooding Attacks through SYN/ACK Packets and Black/White Lists |
| title_fullStr | Detection and Mitigation of SYN Flooding Attacks through SYN/ACK Packets and Black/White Lists |
| title_full_unstemmed | Detection and Mitigation of SYN Flooding Attacks through SYN/ACK Packets and Black/White Lists |
| title_short | Detection and Mitigation of SYN Flooding Attacks through SYN/ACK Packets and Black/White Lists |
| title_sort | detection and mitigation of syn flooding attacks through syn/ack packets and black/white lists |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10143797/ https://www.ncbi.nlm.nih.gov/pubmed/37112158 http://dx.doi.org/10.3390/s23083817 |
| work_keys_str_mv | AT yangchunhao detectionandmitigationofsynfloodingattacksthroughsynackpacketsandblackwhitelists AT wujhenping detectionandmitigationofsynfloodingattacksthroughsynackpacketsandblackwhitelists AT leefangyi detectionandmitigationofsynfloodingattacksthroughsynackpacketsandblackwhitelists AT lintingyu detectionandmitigationofsynfloodingattacksthroughsynackpacketsandblackwhitelists AT tsaimenghsun detectionandmitigationofsynfloodingattacksthroughsynackpacketsandblackwhitelists |