SmartCookie: Blocking Large-Scale SYN Floods with a Split-Proxy Defense on Programmable Data Planes
Sophia Yoo
33rd USENIX Security Symposium · Day 1 · USENIX Security '24
In an era where cyberattacks are increasingly sophisticated and volumetric, the persistent threat of **SYN flooding** remains a significant challenge for network providers. Despite being a known attack vector since the mid-1990s, SYN floods are still ranked as the second most common form of Denial-of-Service (DoS) attack. In her talk at USENIX Security '24, Sophia Yoo presented "SmartCookie," a novel split-proxy defense designed to mitigate large-scale SYN flooding attacks by strategically leveraging programmable data planes.
AI review
This talk isn't just another take on SYN flood mitigation; it's a foundational blueprint for high-performance, cryptographically sound network defense. SmartCookie's intelligent split-proxy architecture, leveraging P4 and eBPF, delivers genuine novelty and critical impact by addressing long-standing scalability and security issues in an elegant, practical manner. This is the kind of engineering the industry desperately needs.