LIÊN KẾT WEBSITE
An Efficient High-Throughput and Low-Latency SYN Flood Defender for High-Speed Networks
Security and Communication Networks Số , năm 2018 (Tập 2018, trang -)
DOI: 10.1155/2018/9562801
Tài liệu thuộc danh mục: Scopus
Secur. Commun. Networks
English
Từ khóa: Flood control; Floods; HIgh speed networks; Network architecture; Network security; Throughput; Distributed denial of service attack; Hardware-based approach; High throughput; Network packets; Openflow switches; Packets per seconds; Pipeline modeling; Prototype versions; Denial-of-service attack
Tóm tắt tiếng anh
As one of the main types of Distributed Denial of Service (DDoS) attacks, SYN flood attacks have caused serious issues for servers when legitimate clients may be denied connections. There is an essential demand for a sufficient approach to mitigate SYN flood attacks. In this paper, we introduce an efficient high-throughput and low-latency SYN flood defender architecture, carefully designed with a pipeline model. A mathematical model is also introduced with the architecture for estimating SYN flood protection throughput and latency. The first prototype version based on the architecture with Verilog-HDL can function as standalone to alleviate high-rate SYN flood attacks and can be integrated into an OpenFlow switch for handling network packets. Our experiments with NetFPGA-10G platforms show that the core can protect servers against SYN flood attacks by up to 28+ millions packets per second that outperforms most well-known hardware-based approaches in the literature. � 2018 Duc-Minh Ngo et al.
