Reducing the impact of SYN flood attacks by improving the accuracy of the PSO algorithm by adaptive effective filters
Subject Areas: Renewable energy
Mohammad Momeny 1, Sorayya Gharravi 2, Fateme Hourali 3
1 - PhD Student – Dept. of Computer Engineering, Yazd University, Yazd, Iran
2 - Indicator – Electrical and Computer College, Esfarayne Higher Education Complex, Northern Khorasan, Esfarayene, Iran
3 - Indicator – Electrical and Computer College, Esfarayne Higher Education Complex, Northern Khorasan, Esfarayene, Iran
Keywords: TCP, PSO Algorithm, DoS, SYN Flooding Attacks, Adaptive Effective Filter
Abstract:
TCP connection management is susceptible to a classic attack called SYN flooding. In this attack, the source sends a large number of SYN segments to the victim system without completing the third step of the three-step handshake. This quickly consumes the resources allocated for communicating with the system under attack, as well as the bandwidth of the network; as a result, the system becomes occupied with unnecessary requests and cannot continue to work. This paper models the attacked system using quadratic theory and maps the problem of defense against SYN flooding attacks into an optimization problem. Then, using an effective adaptive filter in combination with the PSO algorithm, it presents its proposed method and solves this problem. The simulation results show that the proposed defense mechanism achieves significant performance in terms of the number of blocked requests, the likelihood of success in communication, the likelihood of success of the attacker, and the optimal use of the dedicated buffer.