Research Article
SDNDefender: A Comprehensive DDoS Defense Mechanism Using Hybrid Approaches over Software Defined Networking
Table 4
Common malformed packet attacks.
| | Attack | Protocol | Feature |
| | IP option | IP | DF flag = 1, MF flag = 1 or DF flag = 1, offset > 0 | | Teardrop | IP | Offsets are overlapped or staggered | | IP null | IP | Protocol field in the packet header is set to 0 | | CharGEN | UDP/TCP | Destination port is set to 19 | | Fraggle | UDP | Destination IP is a broadcast one, destination port is set to 7 or 19 | | Snork | UDP | Source port is set to 7, 19, or 135, destination port is set to 135 | | Smurf | ICMP | Source IP is set to a broadcast one | | Ping of death | ICMP | Packet’s length is bigger than 65535 bytes | | Land | TCP | SYN packet’s source IP is same to its destination IP | | WinNuke | TCP | Destination port is set to 139, URG flag = 1 | | TCP option | TCP | SYN flag = 1, FIN flag = 1 or FIN flag = 1, ACK flag = 0 or SYN = ACK = FIN = RST = PSH = 0 |
|
|
