Research Article
Toward a Real-Time TCP SYN Flood DDoS Mitigation Using Adaptive Neuro-Fuzzy Classifier and SDN Assistance in Fog Computing
| input: incoming packet of traffic flow to the switch | | output: response with flow classification and decision | | if packet matched in the flow table | | Apply the rule in the flow table; | | else | | Forward packet to SDFN-server; | | Apply ANFIS classifier; | | if flow classified as malicious packet then | | Retrieve the Mac address of the attacker; | | Update rule table in flow table with a malicious user; | | Make a decision: | | Drop the packets with this source Mac address; | | Block the infected switch port; | | else | | Update rule table in SDN with the legitimate user; | | Make decision: Forward the packet to destination; | | end if | | end if |
|