Research Repository

Robust dynamic network traffic partitioning against malicious attacks

Xiong, Bing and Yang, Kun and Zhao, Jinyuan and Li, Keqin (2017) 'Robust dynamic network traffic partitioning against malicious attacks.' Journal of Network and Computer Applications, 87. 20 - 31. ISSN 1084-8045

[img]
Preview
Text
1-s2.0-S1084804516300637-main.pdf - Accepted Version

Download (893kB) | Preview

Abstract

The continual growth of network traffic rates leads to heavy packet processing overheads, and a typical solution is to partition traffic into multiple network processors for parallel processing especially in emerging software-defined networks. This paper is thus motivated to propose a robust dynamic network traffic partitioning scheme to defend against malicious attacks. After introducing the conceptual framework of dynamic network traffic partitioning based on flow tables, we strengthen its TCP connection management by building a half-open connection separation mechanism to isolate false connections in the initial connection table (ICT). Then, the lookup performance of the ICT table is reinforced by applying counting bloom filters to cope with malicious behaviors such as SYN flooding attacks. Finally, we evaluate the performance of our proposed traffic partitioning scheme with real network traffic traces and simulated malicious traffic by experiments. Experimental results indicate that our proposed scheme outperforms the conventional ones in terms of packet distribution performance especially robustness against malicious attacks.

Item Type: Article
Uncontrolled Keywords: Dynamic traffic partitioning; SYN flooding attacks; Half-open connection separation; Counting bloom filters
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: Faculty of Science and Health > Computer Science and Electronic Engineering, School of
Depositing User: Jim Jamieson
Date Deposited: 10 Jun 2016 15:23
Last Modified: 25 Sep 2018 14:15
URI: http://repository.essex.ac.uk/id/eprint/16912

Actions (login required)

View Item View Item