In-Network SYN Flooding DDoS Attack Detection Utilizing P4 Switches

DSpace Repository

Show simple item record Golchin, Pegah Anderweit, Leonard Zobel, Julian Kundel, Ralf Steinmetz, Ralf 2022-04-08T07:41:58Z 2022-04-08T07:41:58Z 2022-04-07
dc.identifier.uri de_DE
dc.description.abstract With the rapid development of Internet applications, the demand for reliable online services similarly increases. However, Distributed Denial-of-Service (DDoS) attacks disrupt the accessibility and the availability of online services. Therefore, DDoS detection and mitigation are crucial tasks to achieve high service availability. In this paper, we propose a novel in-network detection scheme for SYN flooding, the most prevalent type of DDoS attacks. By relocating the attack detection from a centralized controller to programmable P4 switches, the detection time is reduced, and the workload is distributed in the network. Extending passive classification methods, we propose an active detection mechanism, identifying SYN flooding DDoS attacks by selective packet dropping. By this, we expect more accurate detections compared to the state-of-the-art under congested network conditions. en
dc.language.iso en de_DE
dc.publisher Universität Tübingen de_DE
dc.subject.ddc 004 de_DE
dc.title In-Network SYN Flooding DDoS Attack Detection Utilizing P4 Switches en
dc.type ConferencePaper de_DE
utue.publikation.fachbereich Informatik de_DE
utue.publikation.fakultaet 7 Mathematisch-Naturwissenschaftliche Fakultät de_DE
utue.opus.portal kuvs-nets3 de_DE
utue.publikation.noppn yes de_DE


This item appears in the following Collection(s)

Show simple item record