A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.

They target a wide variety of important resources, from banks to news websites, and present a major challenge to making sure people can publish and access important information.

Some attacks even target VoIP infrastructure.

An attacker uses a non-trivial amount of computing resources, which they either built themselves or, more commonly, by compromising vulnerable PC’s around the world, to send bogus traffic to a site. If the attacker sends enough traffic, legitimate users of a site can’t be serviced.

For example, if a bank website can handle 10 people a second clicking the Login button, an attacker only has to send 10 fake requests per second to make it so no legitimate users can login. There are a multitude of reasons someone might want to shut a site down: extortion, activism, competitive brand damage, and just plain old boredom.

Attack Class: Four common categories of attacks

TCP Connection AttacksOccupying connections

These attempt to use up all the available connections to infrastructure devices such as load-balancers, firewalls and application servers. Even devices capable of maintaining state on millions of connections can be taken down by these attacks.

Volumetric AttacksUsing up bandwidth

These attempt to consume the bandwidth either within the target network/service, or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.

Fragmentation AttacksPieces of packetsThese send a flood of TCP or UDP fragments to a victim, overwhelming the victim’s ability to re-assemble the streams and severely reducing performance.

Application AttacksTargeting applicationsThese attempt to overwhelm a specific aspect of an application or service and can be effective even with very few attacking machines generating a low traffic rate (making them difficult to detect and mitigate).

Learn more about DDoS here.

in D

Leave A Comment