Efficient SYN Spoofing Detection and Mitigation Scheme for DDoS Attack

Abstract

Protection of critical server from cyber attacks is vital, especially in the case of active attacks like Distributed Denial of Service (DDoS). Seamless services are provided by the constant availability of the server which plays an important factor in providing the customer good Quality of Service (QoS). Monitoring and rate limiting the flow of packets will protect the victim systems by allowing only trusted users during the DDoS attack. The job of the security professionals becomes complex, when the attacks are launched from trusted IP addresses, using Synchronization (SYN) spoofing. The work presented in this paper is experimented with Efficient Spoofed Mitigation Scheme (ESMS) which uses the TCP probing method along with the bloom filter trust model. The proposed scheme provides accurate and robust information for the detection and controlling of the spoofed packets, during the DDoS attacks.