On Modeling Counteraction against TCP SYN Flooding

Springer-Verlag Lecture Notes in Computer Science, vol. 5200, pp. 574-583, Aug. 2008

Vladimir V. Shakhov and Hyunseung Choo


One of the main problems of network security is Distributed Denial of Service (DDoS) caused by TCP SYN packet flooding. To counteract SYN flooding attack, several defense methods have been proposed. In this paper we investigate a survivability of protected servers under SYN flooding. Analysis and comparison of some typical and well-known defense mechanisms are presented. We discuss critical parameters of the protection. Appropriated mathematical models based on stochastic processes are produced.




View Full Text