SDN-Based SYN ProxyA Solution to Enhance Performance of Attack Mitigation Under TCP SYN Flood


Tuyen, Dang Van, Huong, Truong Thu, Thanh, Nguyen Huu, Nam, Pham Ngoc, Thanh, Nguyen Ngoc and Marshall, Alan ORCID: 0000-0002-8058-5242 (2019) SDN-Based SYN ProxyA Solution to Enhance Performance of Attack Mitigation Under TCP SYN Flood. COMPUTER JOURNAL, 62 (4). pp. 518-534.

[img] Text
paper 5 - SSP.pdf - Author Accepted Manuscript
Download (2MB) | Preview

Abstract

Recently, TCP SYN flood has been the most common and serious type of Distributed Denial of Service attack that causes outages of server resource of Internet Service Providers. In another aspect, Software Defined Networking (SDN) has emerged as a new networking paradigm to increase network agility and programmability. SDN is also a promising architecture to deal with the network security issue where we can flexibly change security rules and control incoming flows. In this article, we design an Openflow/SDN network remedy to combat specifically TCP SYN flood. We show security threats for the SDN architecture and exploit SDN capabilities and features to design a SDN-based SYN Proxy (SSP) paradigm to mitigate such TCP SYN threats. Our SSP is proved to be a network-based solution to protect application servers in terms of decreasing number of Half-Open Connections at an application server and increasing probability of successful establishment for a TCP flow connection under TCP SYN Flood attack. Using SSP to support application servers is shown to outperform the case where the servers adopt only the protection scheme of Microsoft Windows server reference model without utilizing SSP. SSP also shows that it can reduce the time a flow entry occupies the switch resource by 94% in comparison with the Avant-Guard solution. In addition, SSP improves the successful connection rate and average connection retrieval time in comparison with the standard Openflow solution.

Item Type: Article
Uncontrolled Keywords: OpenFlow, SDN, DDoS attack, TCP SYN flood, SYN Proxy
Depositing User: Symplectic Admin
Date Deposited: 17 Jul 2019 14:12
Last Modified: 19 Jan 2023 00:38
DOI: 10.1093/comjnl/bxy117
Related URLs:
URI: https://livrepository.liverpool.ac.uk/id/eprint/3047688
Dimensions
Altmetric
CORE (COnnecting REpositories)