Search engine for discovering works of Art, research articles, and books related to Art and Culture
Javascript must be enabled to continue!
DoSDefender: A Kernel-Mode TCP DoS Prevention in Software-Defined Networking
View through CrossRef
The limited computation resource of the centralized controller and communication bandwidth between the control and data planes become the bottleneck in forwarding the packets in Software-Defined Networking (SDN). Denial of Service (DoS) attacks based on Transmission Control Protocol (TCP) can exhaust the resources of the control plane and overload the infrastructure of SDN networks. To mitigate TCP DoS attacks, DoSDefender is proposed as an efficient kernel-mode TCP DoS prevention framework in the data plane for SDN. It can prevent TCP DoS attacks from entering SDN by verifying the validity of the attempts to establish a TCP connection from the source, migrating the connection, and relaying the packets between the source and the destination in kernel space. DoSDefender conforms to the de facto standard SDN protocol, the OpenFlow policy, which requires no additional devices and no modifications in the control plane. Experimental results show that DoSDefender can effectively prevent TCP DoS attacks in low computing consumption while maintaining low connection delay and high packet forwarding throughput.
Title: DoSDefender: A Kernel-Mode TCP DoS Prevention in Software-Defined Networking
Description:
The limited computation resource of the centralized controller and communication bandwidth between the control and data planes become the bottleneck in forwarding the packets in Software-Defined Networking (SDN).
Denial of Service (DoS) attacks based on Transmission Control Protocol (TCP) can exhaust the resources of the control plane and overload the infrastructure of SDN networks.
To mitigate TCP DoS attacks, DoSDefender is proposed as an efficient kernel-mode TCP DoS prevention framework in the data plane for SDN.
It can prevent TCP DoS attacks from entering SDN by verifying the validity of the attempts to establish a TCP connection from the source, migrating the connection, and relaying the packets between the source and the destination in kernel space.
DoSDefender conforms to the de facto standard SDN protocol, the OpenFlow policy, which requires no additional devices and no modifications in the control plane.
Experimental results show that DoSDefender can effectively prevent TCP DoS attacks in low computing consumption while maintaining low connection delay and high packet forwarding throughput.
Related Results
Physicochemical Properties of Wheat Fractionated by Wheat Kernel Thickness and Separated by Kernel Specific Density
Physicochemical Properties of Wheat Fractionated by Wheat Kernel Thickness and Separated by Kernel Specific Density
ABSTRACTTwo wheat cultivars, soft white winter wheat Yang‐mai 11 and hard white winter wheat Zheng‐mai 9023, were fractionated by kernel thickness into five sections; the fractiona...
Genetic Variation in Potential Kernel Size Affects Kernel Growth and Yield of Sorghum
Genetic Variation in Potential Kernel Size Affects Kernel Growth and Yield of Sorghum
Large‐seededness can increase grain yield in sorghum [Sorghum bicolor (L.) Moench] if larger kernel size more than compensates for the associated reduction in kernel number. The ai...
Sorghum Kernel Weight
Sorghum Kernel Weight
The influence of genotype and panicle position on sorghum [Sorghum bicolor (L.) Moench] kernel growth is poorly understood. In the present study, sorghum kernel weight (KW) differe...
Breast Carcinoma within Fibroadenoma: A Systematic Review
Breast Carcinoma within Fibroadenoma: A Systematic Review
Abstract
Introduction
Fibroadenoma is the most common benign breast lesion; however, it carries a potential risk of malignant transformation. This systematic review provides an ove...
Employees’ use of social networking sites and job performance
Employees’ use of social networking sites and job performance
Abstract
This study was designed to explore the purpose to which employees use social networking sites and examine its effect on their performance. Using data from 203 resp...
Three Modes of Database-Kernel Integration via eBPF: Observability, Policy Injection, and Kernel-Resident State
Three Modes of Database-Kernel Integration via eBPF: Observability, Policy Injection, and Kernel-Resident State
eBPF is increasingly used around databases, but prior systems and papers often conflate goals and therefore blur the trade space: instrumentation versus control versus in-kernel st...
Implementation of Network Address Translation Using TCP/IP Model In Internet Communication System
Implementation of Network Address Translation Using TCP/IP Model In Internet Communication System
Nowadays, many people will be used internet that for their work, communication, education, economic and organization necessary that is used today. Network address translation (NAT)...
Safety of concomitant tranylcypromine treatment during electroconvulsive therapy (ECT) series
Safety of concomitant tranylcypromine treatment during electroconvulsive therapy (ECT) series
IntroductionTranylcypromine (TCP), an irreversible monoamine oxidase inhibitor (MAOI), is recommended for difficult-to-treat depression. Besides the requirement of a low-tyramine d...