Abstract
In the recent years, SDN is an emerging architecture that is ideal for today’s application. It is dynamic and also cost-effective in order to deal with the networking application. It consists of two planes, namely data plane and control plane that are separated from each other. Open flow is the default protocol that has been used in SDN, and it works on the basis of rules framed by the control plane. It may lead to a denial-of-service attack called control plane saturation attack. To overcome this attack, Avant-Guard technique [2] was introduced which overcomes the control plane saturation attack but it leads to another attack called Buffer saturation attack due to SYN flooding. Then, Line Switch technique was introduced with proxy to blacklist the spoofed IP address in order to block the node. But it was not a permanent solution to the problem. Therefore, we proposed a Block Link Flooding (BLF) algorithm which uses Legitimate User Table (LUT) to provide an effective solution. From the experimental results, our Block Link Flooding algorithm is able to identify and block the spoofed IPs and discards the link to the server. This technique is efficient for saving energy up to 33%.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Peng, T., Leckie, C., Ramamohanarao, K.: Survey of network-based defense mechanisms countering the DoS and DDoS problems. ACM Comput. Surv. 39(1) (2007)
Shin, S., Yegneswaran, V., Porras, P., Gu, G.: Avant-Guard—Connection Migration. AVANT-GUARD: Scalable and Vigilant Switch Flow Management in Software-defined Networks. In: CCS’13, pp. 413–424 (2013)
Wang, H., Xu, L., Gu, G.: OF-GUARD: a DoS attack prevention extension in software-defined networks. USENIX Open Network Summit (2014)
Benton, K., Camp, L.J., Small, C.: Open flow vulnerability assessment. In: HotSDN, pp. 151–152 (2013)
Kloti, R., Kotronis, V., Smith, P.: Open flow: a security analysis. In: ICNP’13, pp. 1–6 (2013)
Ambrosin, M., Conti, M., De Gaspari, F.: University of Padua, Italy, Radha Poovendran University of Washington, USA. LineSwitch: efficiently managing switch flow in software-defined networking while effectively tackling DoS attacks. In: ASIA CCS’15, 14–17 Apr 2015, Singapore
Ahmad, I., Namal, S., Ylianttila, M., Gurtov, A.: Security in software defined networks: a survey. IEEE Commun. Surv. Tutor. 17(4), 2317–2346 (2015)
Kandoi, R., Antikainen, M.: Denial-of-service attacks in open flow SDN. In: IFIP 2015
Saini, S., Fehnker, A.: Evaluating the stream control transmission protocol using Uppaal. In: Formal Analysis of Real Systems (MARS 2017) EPTCS 244, 2017, pp. 1–13. https://doi.org/10.4204/eptcs.244.1
Gkountis, C., Taha, M., Lloret, J., Kambourakis, G.: Lightweight algorithm for protecting SDN controller against DDoS attacks. In: 2017 10th IFIPValencia, Spain on Published in Wireless and Mobile Networking Conference (WMNC), 25–27 Sept 2017
Wang, G., Zhao, Y., Huang, J., Duan, Q., Li, J.: A K-means-based network partition algorithm for controller placement in software defined network. In: 2016 IEEE International Conference on Published in Communications (ICC), 22–27 May 2016 Kuala Lumpur, Malaysia
Hu, F., Hao, Q., Bao, K.: A survey on software-defined network and openflow: from concept to implementation. In: Published in IEEE Communications Surveys & Tutorials, vol. 16, Issue 4, Fourthquarter 2014
Hu, Y., Wang, W., Gong, X., Que, X., Cheng, S.: On reliability-optimized controller placement for software-defined networks. Published in: China Communications, vol. 11, Issue: 2, Feb 2014
Shang, G., Zhe, P., Bin, X., Aiqun, H., Kui, R.: FloodDefender: protecting data and control plane resources under SDN-aimed DoS attacks. www4.comp.polyu.edu.hk/~csbxiao/paper/…/2017_INFOCOM_FloodDefender.pdf
Ambrosin, M., Student Member, IEEE, Conti, M., Senior Member, IEEE, De Gaspari, F., Poovendran, R., Fellow, IEEE: LineSwitch: tackling control plane saturation attacks in software-defined networking. https://www2.ee.washington.edu/research/nsl/papers/TON.pdf
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Nalayini, C.M., Katiravan, J. (2019). Block Link Flooding Algorithm for TCP SYN Flooding Attack. In: Smys, S., Bestak, R., Chen, JZ., Kotuliak, I. (eds) International Conference on Computer Networks and Communication Technologies. Lecture Notes on Data Engineering and Communications Technologies, vol 15. Springer, Singapore. https://doi.org/10.1007/978-981-10-8681-6_83
Download citation
DOI: https://doi.org/10.1007/978-981-10-8681-6_83
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-8680-9
Online ISBN: 978-981-10-8681-6
eBook Packages: EngineeringEngineering (R0)