Defense against SYN-Flood Denial of Service Attacks Based on Learning Automata
SYN-flooding attack uses the weakness available in TCPs three-way handshake process to keep it from handling legitimate requests. This attack causes the victim host to populate its backlog queue with forged TCP connections. In other words it increases Ploss (probability of loss) and Pa (buffer occupancy percentage of attack requests) and decreases Pr (buffer occupancy percentage of regular requests) in the victim host and results to decreased performance of the host. This paper proposes a self-managing approach, in which the host defends against SYN-flooding attack by dynamically tuning of its own two parameters, that is, m (maximum number of half-open connections) and h (hold time for each half-open connection). In this way, it formulates the defense problem to an optimization problem and then employs the learning automata (LA) algorithm to solve it. The simulation results show that the proposed defense strategy improves performance of the under attack system in terms of Ploss, Pa and Pr.
Keywords: SYN-flooding, DoS, TCP, Learning automata, queuing model.
Download Full-Text
ABOUT THE AUTHORS
Masoud Bekravi
Masoud Bekravi received his B.Sc. and M.Sc. degrees in Electrical Engineering and Computer Engineering in 2004 (Islamic Azad university-Ardabil branch) and 2007 (Islamic Azad university-Arak branch) respectively. Now he is faculty member in the CE department, Islamic Azad University Ardabil branch. His research interests are power system, artificial intelligence, swarm robotics and Computer systems.
Shahram Jamali
Shahram Jamali is an assistant professor leading the Autonomic Networking Group at the Department of Engineering, University of Mohaghegh Ardabili. He teaches on computer networks, network security, computer architecture and computer systems performance evaluation. Dr. Jamali received his M.Sc. and Ph.D. degree from the Dept. of Computer Engineering, Iran University of Science and Technology in 2001 and 2007, respectively. Since 2008, he is with Department of Computer Engineering, University of Mohaghegh Ardabil and has published more than 50 conference and journal papers.
Gholam Shaker
Gholam Shaker received her B.Sc. from Payam Noor University Ardabil, Iran, a M.Sc. (2011) from IAU (Islamic Azad University Zanjan branch) University. All are in computer engineering. he is currently Teaching in Department of Computer Science at IAU University. His research interests include Quality of Service and IDS.
Masoud Bekravi
Masoud Bekravi received his B.Sc. and M.Sc. degrees in Electrical Engineering and Computer Engineering in 2004 (Islamic Azad university-Ardabil branch) and 2007 (Islamic Azad university-Arak branch) respectively. Now he is faculty member in the CE department, Islamic Azad University Ardabil branch. His research interests are power system, artificial intelligence, swarm robotics and Computer systems.
Shahram Jamali
Shahram Jamali is an assistant professor leading the Autonomic Networking Group at the Department of Engineering, University of Mohaghegh Ardabili. He teaches on computer networks, network security, computer architecture and computer systems performance evaluation. Dr. Jamali received his M.Sc. and Ph.D. degree from the Dept. of Computer Engineering, Iran University of Science and Technology in 2001 and 2007, respectively. Since 2008, he is with Department of Computer Engineering, University of Mohaghegh Ardabil and has published more than 50 conference and journal papers.
Gholam Shaker
Gholam Shaker received her B.Sc. from Payam Noor University Ardabil, Iran, a M.Sc. (2011) from IAU (Islamic Azad University Zanjan branch) University. All are in computer engineering. he is currently Teaching in Department of Computer Science at IAU University. His research interests include Quality of Service and IDS.
