Abstract
DDoS attacks are becoming increasingly frequent and violent. A typical type of attack is the TCP SYN flood, inhibiting a server from opening new TCP connections. Current countermeasures to this attack introduce inefficiencies by either reducing computing resources on the service host or creating new network bottlenecks. In this work, we present a novel approach to mitigate TCP SYN flood attacks using software-defined networking. We perform an initial evaluation of a proof-of-concept implementation that exhibits performance measures close to existing countermeasures while circumventing their inefficiencies.
Users
Please
log in to take part in the discussion (add own reviews or comments).