This disclosure describes a method to mitigate the type of denial-of-service attack called the SYN flood attack on the web servers. The mitigating system consists of a group of client computers, a group of proxy computers, a group of web servers and a search engine. Each client computer can access only one particular proxy computer in this system and cannot access any other computer in this system. The client computers surf the web while downloading and uploading content via the proxy computers and the search engine. Even with the capability of the client computers to execute an SYN flood attack as in the conventional settings, the system will prevent the client computers from doing so. This is achieved by restricting the reach of the client computers only up to the proxy computers. If ever there could be any SYN flood attack in the system, it will be only between the internet link of the attack executing the client computer and its corresponding internet gateway proxy computer. In which case, only the internet gateway of the attacking client computer gets obstructed and the rest of the system remains unaffected.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
abeysekera, punarjeewa, "SYN Flood Attack Mitigating System", Technical Disclosure Commons, (May 25, 2021)