A classification approach for adaptive mitigation of SYN flood attacks: Preventing performance loss due to SYN flood attacks

Alptugay Degirmencioglu, Hasan Tugrul Erdogan, Mehrdad A. Mizani, Oǧuz Yilmaz

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

SYN flood is a commonly used Distributed Denial of Service (DDoS) attack. SYN flood DDoS attacks consume a considerable amount of resources in the target machine. Even with straightforward mitigation solutions, any attack causes resource waste and performance loss in the server, rendering it unable to provide service to legitimate clients. We propose an approach for SYN flood attack mitigation based on supervised learning classification methods which identify and block SYN flood traffic before it reaches its target, hence preventing resource consumption and loss of performance. At this stage, our method identifies a SYN flood attack and applies the classifier models in batch mode. This method chooses the classifiers and adjusts the parameters according to the policies and the changing characteristics of the SYN flood attack.

Original language: English
Title of host publication: Proceedings of the NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 1109-1112
Number of pages: 4
ISBN (Electronic): 9781509002238
Publication status: Published - 30 Jun 2016
Event: 2016 IEEE/IFIP Network Operations and Management Symposium, NOMS 2016 - Istanbul, Turkey
Duration: 25 Apr 2016 → 29 Apr 2016

Conference

Conference: 2016 IEEE/IFIP Network Operations and Management Symposium, NOMS 2016
Country/Territory: Turkey
City: Istanbul
Period: 25/04/16 → 29/04/16

Keywords

  • classification
  • DDoS
  • SYN flood
