Abstract:
SYN flooding attack is a threat that has been designed based on vulnerabilities of the connection establishment phase of the TCP protocol. In this attack, some sources send a large number of TCP SYN segments, without completing the third handshake step to quickly exhaust connection resources of the victim server. Hence, a main part of the server’s buffer space is allocated to the attack half open connections and incoming new connection requests will be blocked. This paper proposes a novel framework, in which, the defense issue is formulated as an optimization problem. Then it employs the particle swarm optimization (PSO) algorithm to solve this optimization problem. Our theoretical analysis and packet-level simulations show that the proposed defense strategy decreases the number of blocked TCP connection requests and cuts down share of attack connections from the buffer space.
