PSO-SFDD: Defense against SYN flooding DoS attacks by employing PSO algorithm

Authors:
Shahram Jamali;Gholam Shaker
Affiliations:
-;-
Venue:
Computers & Mathematics with Applications
Year:
2012

Citing 8
Cited 2

Improving the functionality of syn cookies

Proceedings of the IFIP TC6/TC11 Sixth Joint Working Conference on Communications and Multimedia Security: Advanced Communications and Multimedia Security
A framework for classifying denial of service attacks

Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
A queueing analysis for the denial of service (DoS) attacks in computer networks

Computer Networks: The International Journal of Computer and Telecommunications Networking
Detecting Denial-of-Service attacks using the wavelet transform

Computer Communications
An autonomous defense against SYN flooding attacks: Detect and throttle attacks at the victim side independently

Journal of Parallel and Distributed Computing
A collaborative defense mechanism against SYN flooding attacks in IP networks

Journal of Network and Computer Applications
Application of anomaly detection algorithms for detecting SYN flooding attacks

Computer Communications
Defending against flooding-based distributed denial-of-service attacks: a tutorial

IEEE Communications Magazine

Data fusion of multi-sensor for IOT precise measurement based on improved PSO algorithms

Computers & Mathematics with Applications
A personalized auxiliary material recommendation system based on learning style on Facebook applying an artificial bee colony algorithm

Computers & Mathematics with Applications

Quantified Score

Hi-index	0.09

Visualization

Abstract

A DoS attack can be regarded as an attempt of attackers to prevent legal users from gaining a normal network service. The TCP connection management protocol sets a position for a classic DoS attack, namely, the SYN flood attack. In this attack some sources send a large number of TCP SYN segments, without completing the third handshake step to quickly exhaust connection resources of the under attack system. This paper models the under attack server by using the queuing theory in which attack requests are recognized based on their long service time. Then it proposes a framework in which the defense issue is formulated as an optimization problem and employs the particle swarm optimization (PSO) algorithm to optimally solve this problem. PSO tries to direct the server to an optimum defense point by dynamically setting two TCP parameters, namely, maximum number of connections and maximum duration of a half-open connection. The simulation results show that the proposed defense strategy improves the performance of the under attack system in terms of rejection probability of connection requests and efficient consumption of buffer space.