Title: Enhanced efficient SYN spoofing detection and mitigation scheme for DDoS attacks

Authors: L. Kavisankar; C. Chellappan; S. Venkatesan; P. Sivasankar

Addresses: Department of Computer Science and Engineering, Hindustan Institute of Technology and Science, Chennai 600025, India ' GKM College of Engineering and Technology, Chennai 600063, India ' Indian Institute of Information Technology, Allahabad, Allahabad 211012, India ' Electronics Engineering Department, NITTR, Chennai 600113, India

Abstract: Protection of critical server from cyber attacks is vital, especially in the case of active attacks like distributed denial of service (DDoS). Generally, denial of service (DoS) is an action that prevents or impairs the authorized use of networks, systems or applications by exhausting the resources, such as central processing units (CPU), memory, bandwidth and disk space. The job of the security professionals becomes complex, when the attacks are launched from trusted IP addresses, using synchronization (SYN) spoofing. The work presented in this paper is experimented with efficient spoofed mitigation scheme (ESMS) which uses the TCP probing method along with the bloom filter trust model. The experiment is carried out in both IPv4 and IPv6 environment in the smart and secure environment (SSE) real time test bed and the proposed scheme provides accurate and robust information for the detection and controlling of the spoofed packets during the DDoS attacks.

Keywords: distributed denial of service; DDoS; efficient spoofed mitigation scheme; ESMS; IP spoofing; SYN spoofing; TCP SYN flooding; trust value.

DOI: 10.1504/IJITST.2018.095936

International Journal of Internet Technology and Secured Transactions, 2018 Vol.8 No.4, pp.583 - 600

Received: 27 Apr 2017
Accepted: 29 Jul 2017
Published online: 05 Nov 2018 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article