Sensors (Apr 2023)

Detection and Mitigation of SYN Flooding Attacks through SYN/ACK Packets and Black/White Lists

  • Chun-Hao Yang,
  • Jhen-Ping Wu,
  • Fang-Yi Lee,
  • Ting-Yu Lin,
  • Meng-Hsun Tsai

DOI
https://doi.org/10.3390/s23083817
Journal volume & issue
Vol. 23, no. 8
p. 3817

Abstract

Read online

Software-defined networking (SDN) is a new network architecture that provides programmable networks, more efficient network management, and centralized control than traditional networks. The TCP SYN flooding attack is one of the most aggressive network attacks that can seriously degrade network performance. This paper proposes detection and mitigation modules against SYN flooding attacks in SDN. We combine those modules, which have evolved from the cuckoo hashing method and innovative whitelist, to get better performance compared to current methods Our approach reduces the traffic through the switch and improves detection accuracy, also the required register size is reduced by half for the same accuracy.

Keywords