Distributed Denial of Service (DDoS)

-

Distributed denial of service (DDoS) attacks are a subclass of denial of service (DoS) attacks. A DDoS attack involves multiple connected online devices, collectively known as a botnet, which are used to overwhelm a target website with fake traffic.

Unlike other kinds of cyberattacks, DDoS assaults don’t attempt to breach your security perimeter. Rather, a DDoS attack aims to make your website and servers unavailable to legitimate users. DDoS can also be used as a smokescreen for other malicious activities and to take down security appliances, breaching the target’s security perimeter.

A successful distributed denial of service attack is a highly noticeable event impacting an entire online user base. This makes it a popular weapon of choice for hacktivists, cyber vandals, extortionists and anyone else looking to make a point or champion a cause.

DDoS attacks can come in short bursts or repeat assaults, but either way the impact on a website or business can last for days, weeks and even months, as the organization tries to recover. This can make DDoS extremely destructive to any online organization. Amongst other things, DDoS attacks can lead to loss of revenues, erode consumer trust, force businesses to spend fortunes in compensations and cause long-term reputation damage.

DoS vs. DDoS

The differences between regular and distributed denial of service assaults are substantive. In a DoS attack, a perpetrator uses a single Internet connection to either exploit a software vulnerability or flood a target with fake requests—usually in an attempt to exhaust server resources (e.g., RAM and CPU).

On the other hand, distributed denial of service (DDoS) attacks are launched from multiple connected devices that are distributed across the Internet. These multi-person, multi-device barrages are generally harder to deflect, mostly due to the sheer volume of devices involved. Unlike single-source DoS assaults, DDoS attacks tend to target the network infrastructure in an attempt to saturate it with huge volumes of traffic.

Types of DDoS attacks

DoS attacks can be divided into two general categories—application layer attacks and network layer attacks. Each of these types of DDoS attacks define certain parameters and behaviors used during the attack, as well as the target of the attack.

  1. Application layer attacks (a.k.a., layer 7 attacks) can be either DoS or DDoS threats that seek to overload a server by sending a large number of requests requiring resource-intensive handling and processing. Among other attack vectors, this category includes HTTP floods, slow attacks (e.g., Slowloris or RUDY) and DNS query flood attacks.
Gaming website hit with a massive DNS flood, peaking at over 25 million packets per second

Gaming website hit with a massive DNS flood, peaking at over 25 million packets per second

The size of application layer attacks is typically measured in requests per second (RPS), with no more than 50 to 100 RPS being required to cripple most mid-sized websites.

  1. Network layer attacks (a.k.a., layer 3–4 attacks) are almost always DDoS assaults set up to clog the “pipelines” connecting your network. Attack vectors in this category include UDP floodSYN floodNTP amplification and DNS amplification attacks, and more.

Any of these can be used to prevent access to your servers, while also causing severe operational damages, such as account suspension and massive overage charges.

DDoS attacks are almost always high-traffic events, commonly measured in gigabits per second (Gbps) or packets per second (PPS). The largest network layer assaults can exceed hundreds  Gbps; however, 20 to 40 Gbps are enough to completely shut down most network infrastructures.

How to stop DDoS attacks: DIY

You can’t prevent DoS assaults. Cybercriminals are going to attack. Some are going to hit their targets, regardless of the defenses in place. However, there are a few preventive measures you can take on your own:

  • Monitoring your traffic to look for abnormalities, including unexplained traffic spikes and visits from suspect IP address and geolocations. All of these could be signs of attackers performing “dry runs” to test your defenses before committing to a full-fledged attack. Recognizing these for what they are can help you prepare for the onslaught to follow.
  • Keep an eye on social media (particularly Twitter) and public waste bins (e.g., Pastebin.com) for threats, conversations and boasts that may hint on an incoming attack.
  • Consider using third-party DDoS testing (i.e., pen testing) to simulate an attack against your IT infrastructure so you can be prepared when the moment of truth arrives. When you undertake this, test against a wide variety of attacks, not just those with which you are familiar with.
  • Create a response plan and a rapid response team, meaning a designated group of people whose job is to minimize the impact of an assault. When you plan, put in place procedures for your customer support and communication teams, not just for your IT professionals.

To truly protect against modern DDoS attacks, you should use a DDoS mitigation solution. Solutions can be deployed on-premises, but are more commonly provided as a service by third-party providers. 

Presented by
S. Viswanath (22UCA049)

Organized by
Dr. M K Prakash
Reference Link:
https://www.imperva.com/learn/ddos/denial-of-service/

Comments

Post a Comment

Popular posts from this blog

Design Thinking

-
Image
  What is Design Thinking (DT)? Design thinking is a non-linear, iterative process that teams use to understand users, challenge assumptions, redefine problems and create innovative solutions to prototype and test. It is most useful to tackle ill-defined or unknown problems and involves five phases: Empathize, Define, Ideate, Prototype and Test.   Importance of Design Thinking “Design thinking is a human-centered approach to innovation that draws from the designer's toolkit to integrate the needs of people, the possibilities of technology, and the requirements for business success.” - Tim Brown, CEO of IDEO Design thinking  fosters innovation . Companies must innovate to survive and remain competitive in a rapidly changing environment. In design thinking, cross-functional teams work together to understand user needs and create solutions that address those needs. Moreover, the design thinking process h elps unearth creative solutions.          Design thinking offers  p
Read more

Android 15: mobile operating system

-
Image
  Google's next major Android update, Android 15 (Vanilla Ice Cream), is expected in May 2024. It brings new features like native satellite connectivity, high-quality webcam mode for PCs, and improved optimisation for foldable phones.   Google releases a new major update to Android every year, its operating system that powers the world’s most popular smartphones from the biggest brands. This year, the search engine giant will likely launch Android 15 alongside new hardware at  Google I/O 2024  on May 14. Going by the current trend,  Android 15  will bring a ton of new features, with many powered by Generative Artificial Intelligence. Here are 10 new features that Google is introducing with the Android 15 release. 01 Android 15: A new name and logo Android 15 will be the name of the next major Android OS release, which comes with a new logo inspired by space and rockets, similar to the Android 14 logo. Android 15 is internally known as Vanilla Ice Cream, following the tradi
Read more

Micro Frontends

-
Image
  What are Micro Frontends? The term  Micro Frontends  first came up in ThoughtWorks Technology Radar at the end of 2016. It extends the concepts of micro services to the frontend world. The current trend is to build a feature-rich and powerful browser application, aka single page app, which sits on top of a micro service architecture. Over time the frontend layer, often developed by a separate team, grows and gets more difficult to maintain. That’s what we call a  Frontend Monolith . The idea behind Micro Frontends is to think about a website or web app as  a composition of features  which are owned by  independent teams . Each team has a  distinct area of business  or  mission  it cares about and specialises in. A team is  cross functional  and develops its features  end-to-end , from database to user interface. However, this idea is not new. It has a lot in common with the  Self-contained Systems  concept. In the past approaches like this went by the name of  Frontend Integrat
Read more