We had to implement this paper for the final project. The algorithm described in the paper only takes into account the most recently installed temp flow packet count (even worse, it requests stats from the switch shortly after the flow is installed.) This will cause ALL source IP addresses to be blocked eventually.
After doing some research I realized that the publisher is identified as predatory by several sources and the aforementioned paper might not have gone through the standard assessment process of other respected publishers. Having this said, I had to do some modifications to the algorithm to make it work as expected. The whole method IMO is still very naive and fragile but this implementation can - at least - mitigate the attack scenarios described in the paper.
- Setup a Mininet VM
- Copy synfloodblocker.py to
$HOME/pox/pox/misc
- Run
python $HOME/pox.py py --completion log.level --DEBUG misc.synfloodblocker
- Create a directory and copy all other python scripts to that directory.
- cd to that directory and run
python topo.py
Except where otherwise noted, content on this repository is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.