Defense Method Against TCP SYN Flooding Attack
In this paper, the authors propose a defense mechanism against TCP SYN flooding attacks. The proposed method is a hybrid method as it defend the Internet against Denial of Service (DoS) and the Servers using TCP by sniffing both incoming and outgoing IP packets at ISP edge router providing both attacker side as well as victim side defense. Server firewalls find it difficult to distinguish between SYN flood attack packets and normal TCP connections. Another problem is single-point defenses (e.g. firewalls) lack the scalability needed to handle an increase in the attack traffic.