Approach to Prevent SYN Flood DoS Attacks in Cloud

Abstract

Denial-of-service (DOS) attacks are the most frequent attacks in Cloud. Usually this type of attack consists in sending a large number of requests that will overwhelm the functioning of Cloud. DOS attack implies IP spoofing because each request needs to be different. So the server will consume its resources and it will not be able to reply to a legitimate connection request. SYN floods are the second most common type of DOS attack for Cloud in the last 3 years. SYN floods exploit the flaws in TCP three-way handshake procedures. The attacker sends multiple SYN requests from a spoofed IP address. The server will allocate all the resources needed without receiving any ACK from the attacker. We propose an approach of solving this type of attack for Big Data in Cloud while respecting the Service Level Agreement (SLA) and show that the improvement is considerable.