Study on the prevention of SYN flooding by using traffic policing

In this paper, the usage parameter control (UPC) mechanisms, adopted in asynchronous transfer mode (ATM) networks, are applied to prevent the network server from SYN flooding attack. The basic idea of the proposed scheme is to consider the server being congested during SYN flooding attack, and the UPC is used as a traffic control mechanism to regulate a great number of arrival SYN packets so that the server can be prevented from denial of services (DoS). Both the sliding window and leaky bucket mechanisms are studied to examine the defense effectiveness. Parameters of the sliding window and leaky bucket are determined according to the abort time, buffer status of the server, and the predicted packet arrival rate. This method provides an alternative concept on security management of network servers. The experimental results also show that the proposed method can effectively prevent the server from SYN flooding attack