 |
 |
|
|
|
Abstract: SYN Flood attack is still one of major distributed denial of service attacks. Any network device or computer system with connection state table have the possibility of suffering from this attack. Such attack not only occurs application server but also network infrastructure. Moreover, under asymmetric routing environment, unidirectional traffic problem makes it more difficult to defend against SYN Flood attack. In allusion to this problem, this paper presents a novel SYN Flood defense architecture. It consists of a light-weight detection method and a hierarchical connection management strategy. We verify the feasibility and effectiveness of our method through experiments in real network environment. The results show that our proposed method can mitigate the influence brought by SYN Flood attack.
|