As one of the main types of Distributed Denial of Service (DDoS) attacks, SYN flood attacks have caused serious issues for servers when legitimate clients may be denied connections. There is an essential demand for a sufficient approach to mitigate SYN flood attacks. In this paper, we introduce an efficient high-throughput and low-latency SYN flood defender architecture, carefully designed with a pipeline model. A mathematical model is also introduced with the architecture for estimating SYN flood protection throughput and latency. The first prototype version based on the architecture with Verilog-HDL can function as standalone to alleviate high-rate SYN flood attacks and can be integrated into an OpenFlow switch for handling network packets. Our experiments with NetFPGA-10G platforms show that the core can protect servers against SYN flood attacks by up to 28+ millions packets per second that outperforms most well-known hardware-based approaches in the literature.
CITATION STYLE
Ngo, D. M., Pham-Quoc, C., & Ngoc Thinh, T. (2018). An Efficient High-Throughput and Low-Latency SYN Flood Defender for High-Speed Networks. Security and Communication Networks, 2018. https://doi.org/10.1155/2018/9562801
Mendeley helps you to discover research relevant for your work.