• Dynamic and self-adjusting detection threshold
• Better mitigation and response time
• High accuracy and efficiency
USF inventors have developed a mechanism in which they first examine the impact of SYN saturation on the data-to-control layer and then follow a novel approach, based on the additive-increase/multiplicative-decrease (AIMD) algorithm, to dynamically calculate and update the threat detection threshold in real time and capture malicious SYN flooding traffic. Because dynamic SYN flooding is a security threat in SDN environments, the inventors have developed SYNGuard, a lightweight kernel-space security framework that identifies and mitigates SYN flood DoS attacks. The SYNGuard solution is implemented in an open-source SDN controller and was tested over a real-world heterogeneous and federated testbed. The experimental findings demonstrate SYNGuard's efficiency and show that it offers a scalable security mechanism for SDN-enabled environments against SYN flooding threats.
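To make the idea of an AIMD-driven detection threshold concrete, here is an added sketch that is not SYNGuard's code and does not come from the inventors. It assumes one possible mapping of AIMD onto detection: the threshold rises additively over quiet intervals and is cut multiplicatively when an interval is flagged. The class name, every parameter value and the sample counts are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass
class AimdThreshold:
    """Hypothetical AIMD-style threshold on half-open SYNs per interval."""
    threshold: float = 100.0  # assumed starting limit (SYNs per interval)
    alpha: float = 5.0        # assumed additive step after a quiet interval
    beta: float = 0.5         # assumed multiplicative cut after a flagged one
    floor: float = 80.0       # assumed lower bound, kept above the benign baseline
    ceiling: float = 400.0    # assumed upper bound so the limit cannot drift open

    def observe(self, half_open_syns: int) -> bool:
        """Flag the interval against the current limit, then adapt the limit."""
        flagged = half_open_syns > self.threshold
        if flagged:
            # Multiplicative decrease: tighten quickly while a flood is ongoing.
            self.threshold = max(self.floor, self.threshold * self.beta)
        else:
            # Additive increase: relax slowly while traffic looks normal.
            self.threshold = min(self.ceiling, self.threshold + self.alpha)
        return flagged


def replay(samples, detector=None):
    """Run a series of per-interval counts; return (rows, final_threshold).

    Each row is (count, limit_applied, flagged).
    """
    det = detector or AimdThreshold()
    rows = []
    for count in samples:
        limit = det.threshold  # limit in force before this interval adapts it
        rows.append((count, limit, det.observe(count)))
    return rows, det.threshold


# Constructed sample: benign traffic, a three-interval SYN burst, then recovery.
SAMPLES = [40, 55, 60, 48, 900, 850, 700, 70, 45, 50]

if __name__ == "__main__":
    rows, final = replay(SAMPLES)
    for count, limit, flagged in rows:
        print(f"syns={count:4d} limit={limit:6.1f} flagged={flagged}")
    print("final limit:", final)
```

The floor matters in this sketch: if it sits below the benign baseline, the multiplicative cuts during a flood leave the limit so low that normal traffic keeps being flagged after the flood ends.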
Average Threat Mitigation Time Comparison Between SYNGuard, Snort and Zeek