The World Academy of Research in Science and Engineering (WARSE)
SYN flood attack is a Distributed Denial of Service attack (DDoS). This paper presents an effective and more accurate mechanism to detect synflood attack. In the proposed SYN-flood defense mechanism, different transport layer parameters are used to characterize attack, like abnormal increase in SYN packet, SYN-ACK packets and increase in SYN/FIN rate. Lyapunov exponent developed using prediction error is used as a threshold to detect attack. Out of the three parameters analyzed using same method, at least two results must be same which is taken as the final decision.