wisemonkeys logo
FeedNotificationProfileManage Forms
FeedNotificationSearchSign in
wisemonkeys logo

Blogs

Distributed Denial of Service (DDoS) attack

profile
45_Amulya Yadla
Aug 24, 2023
0 Likes
1 Discussions
92 Reads

A DDoS attack floods a system or network with traffic from multiple compromised devices, disrupting normal operations and making it unavailable to genuine users. Strong cybersecurity measures are necessary to detect and prevent these attacks, which can cause downtime, financial losses, and damage to a target's reputation.

 

WHAT IS DISTRIBUTED DENIAL OF SERVICE?

A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. DDoS attacks achieve effectiveness by utilizing multiple compromised computer systems as sources of attack traffic.


HOW DOES A DDoS ATTACK WORK?

 

To carry out a DDoS attack, the attacker needs to control a large number of systems, which are called bots. These systems are often compromised by malware, which gives the attacker control over the system. The attacker then uses these systems to send traffic to the target system.

The amount of traffic that can be generated by a DDoS attack can be very large. For example, a single botnet that was used in a 2016 attack was able to generate 1.7 terabits per second of traffic. This is enough to overwhelm most websites and servers.

 


HOW TO IDENTIFY THE DDoS ATTACK?

1. Sudden spikes in traffic: If you see a sudden and unexplained increase in traffic to your website or server, it could be a sign of a DDoS attack.

2. Slow performance: If your website or server is suddenly slow or unresponsive, it could be a sign of a DDoS attack.

3. Errors: If you are seeing errors on your website or server, such as 503 errors or connection refused errors, it could be a sign of a DDoS attack.

4. Abnormal network activity: If you see abnormal network activity, such as a large number of connections from a single IP address or a large number of connections from a specific country, it could be a sign of a DDoS attack.

5. Complaints from users: If you are receiving complaints from users that they are unable to access your website or server, it could be a sign of a DDoS attack.

 


COMMON TYPES OF DDoS TYPES

 

1. Application layer attacks

The application layer is where the server generates the response to an incoming client request.

For example, if a user enters http://www.xyz.com/learning/ on their browser, an HTTP request is sent to the server. The server will fetch all the information related to the page, package it in a response, and send it back to the browser.

 An application layer attack occurs when a hacker uses different bots/machines to repeatedly request the same resource from the server, eventually overwhelming it.

The most common type of application layer attack is the HTTP flood attack in which malicious actors just keep sending various HTTP requests to a server using different IP addresses.

 

 

2. Protocol attacks

Protocol attacks look to exhaust the sources of a server or those of its networking systems like firewalls, routing engines, or load-balancers. An example of a protocol attack is the SYN flood attack.

Before two computers can initiate a secure communication channel – they must perform a TCP handshake. A TCP handshake is a means for two parties to exchange preliminary information. A SYN packet is typically the first step of the TCP handshake, indicating to the server that the client wants to start a new channel.


In a SYN flood attack, the attacker floods the server with numerous SYN packets, each containing spoofed IP addresses. The server responds to each packet (via SYN-ACKs), requesting the client to complete the handshake. However, the client(s) never respond, and the server keeps waiting. Eventually, it crashes after waiting too long for too many responses.

 

3. Volumetric attacks

Volumetric attacks are conducted by bombarding a server with so much traffic that its bandwidth gets completely exhausted. The most common example of a volumetric attack is the DNS amplification attack.

In such an attack, a malicious actor sends requests to a DNS server, using the spoofed IP address of the target. The DNS server then sends its response to the target server. When done at scale, the dedeluge ofNS responses can wreak havoc on the target server.

 

 

 

Preventing DDoS Attack

 

Real-time packet analysis: Analyze packets based on different rules, as they enter your system, discarding the potentially malicious ones.
DDoS defense system (DDS): A DDS can detect legitimate-looking content with malicious intent. It protects against both protocol and volumetric attacks, without requiring any human intervention.
Web application firewall: Web application firewalls (WAF) are a great tool to mitigate application layer DDoS attacks. They give you a way to filter incoming requests, based on different rules, which can also be added on-the-fly, in response to an attack.
Rate limiting: Limit the number of requests a server can entertain over a certain time period.

 


Comments ()


Sign in

Read Next

Why Does Hierarchy Still matter in Organizations?

Blog banner

Health and fitness

Blog banner

All you need to know about Cassandra

Blog banner

Interrupts - Types, Working & Importance

Blog banner

Operation system

Blog banner

Mango Raisin Chutney (sweet mango raisin spread)

Blog banner

A-B-C of Networking: Part-3 (Topology [Ring, Tree, Mesh])

Blog banner

ARTICLE ON WRIKE CORPORATION

Blog banner

Is It Too Late to Straighten My Teeth as an Adult?

Blog banner

10 Unsolved Mysteries all over the world

Blog banner

Benefits of yoga and meditation

Blog banner

Digital Marketing Ethics Transparency Trust And Brand Reputation digital

Blog banner

Challenges of Digital forensics in cloud computing environment

Blog banner

Art and Culture of Rajasthan

Blog banner

5 Things I As A Dentist Would Never Do (And What You Can Learn From It)

Blog banner

Race Conditions

Blog banner

Digital Marketing

Blog banner

History of Money

Blog banner

Fault tolerance

Blog banner

Direct Memory Access

Blog banner

SECURITY RISKS OF REMOTE WORKING

Blog banner

Geographic Information Systems(By aditi Unnikrishnan)

Blog banner

Apache Kafka

Blog banner

John Titor: The Time Traveler

Blog banner

Cache Memory

Blog banner

Sage

Blog banner

Memory Management

Blog banner

Evolution of the Microprocesor

Blog banner

How College Events Build Real-world Skills You Can’t Learn From Textbooks

Blog banner

DEVELOPMENTS LEADING TO MODERN OPERATING SYSTEMS

Blog banner

Friendship

Blog banner

Google classroom

Blog banner

Consumer to consumer business mode

Blog banner

Spyware

Blog banner

Why Time Management Is the Secret to College Success (and How to Master It)

Blog banner

How to Grow Your Brand on YouTube Without a Big Budget

Blog banner

Remote Work in 2026

Blog banner

Importance Of Education.

Blog banner

Threat from Inside: Educating the Employees Against Cyber Threats

Blog banner

Starvation

Blog banner

MEMORY FORENSIC ACQUISITION AND ANALYSISOF MEMORY AND ITS TOOLS COMPARISON

Blog banner

Data Visualization- Importance and tools (Tableau,Power BI, Matplotlib)

Blog banner