
What a Distributed Denial of Service (DDoS) attack is

As the amount of data available on the Internet grows, DDoS attacks are becoming more common. They are one of the major Internet security concerns today. Unlike other types of cyberattacks, a DDoS attack does not attempt to breach a security perimeter. It aims to make an online service unavailable: large clusters of connected online devices send a large amount of malicious traffic to a target server or network. Eventually, the target is overloaded with fake traffic and unable to respond to legitimate traffic.

Types of DDoS attacks:

1. Volume-based attacks

Volume-based attacks are the most common type of DDoS attack. They occur when a huge amount of traffic overloads the network bandwidth. Hackers use many computers and connections, often spread all over the world, to send large amounts of traffic to the target website. This traffic completely occupies the website's available bandwidth, creating congestion that makes it impossible for legitimate traffic to pass to or from the target website. The magnitude of such an attack is measured in bits per second (bps).

2. Protocol attacks

These attacks aim to exhaust server resources rather than bandwidth. They focus on exploiting weaknesses in layers 3 and 4 of the protocol stack. By making fake protocol requests, they consume all the processing power of network infrastructure resources (such as servers, firewalls, and load balancers), causing a service disruption. The strength of protocol attacks is measured in packets per second (pps).

3. Application layer attacks

Application layer attacks are the most serious type of attack. They typically require fewer resources than volume-based attacks and protocol attacks. They focus on exploiting weaknesses in layer 7 of the protocol stack. The attack traffic usually appears legitimate. The attacker establishes a connection with the target and then tries to overload the server with a large number of seemingly legitimate and innocent requests that demand resource-consuming processing. Eventually, the server's entire database connection pool is busy, and legitimate requests are blocked. Application layer attacks are harder to prevent. The magnitude is measured in requests per second (rps).

Although the most common DDoS attacks generally fall into these categories, some attacks can be combined. Hackers can launch a protocol attack as a distraction and then launch an application layer attack, because they need more time to find application-layer vulnerabilities. These are called "mixed attacks".
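For monitoring, the three metrics above can be tracked side by side. The following Python sketch is an added example, not part of the original article: it turns constructed per-second counters into bps, pps and rps and labels each second with the category whose limit is exceeded. The record format, the thresholds and all function names are assumptions.

```python
from collections import defaultdict

# Constructed sample counters: "epoch_second bytes packets http_requests".
# Seconds 102-103 carry many tiny packets; 104-105 carry many HTTP requests.
SAMPLE = """\
100 40000 60 20
101 42000 65 22
102 900000 15000 18
103 950000 16000 21
104 60000 90 900
105 61000 95 950
"""

# Assumed alert limits; derive real ones from your own traffic baseline.
LIMITS = {"bps": 50_000_000, "pps": 5_000, "rps": 300}
LABELS = {"bps": "volume-based", "pps": "protocol", "rps": "application-layer"}

def rates_per_second(text):
    """Sum counters per second and express them as bps / pps / rps."""
    totals = defaultdict(lambda: [0, 0, 0])
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, nbytes, pkts, reqs = (int(x) for x in line.split())
        totals[ts][0] += nbytes * 8  # bytes -> bits
        totals[ts][1] += pkts
        totals[ts][2] += reqs
    return {ts: dict(zip(("bps", "pps", "rps"), v))
            for ts, v in sorted(totals.items())}

def classify(rates, limits=LIMITS):
    """Return {second: [categories]} for every second over any limit."""
    alerts = {}
    for ts, r in rates.items():
        hit = [LABELS[m] for m in ("bps", "pps", "rps") if r[m] > limits[m]]
        if hit:
            alerts[ts] = hit
    return alerts

def summarize(alerts):
    """Report 'mixed' when more than one category appears in the incident."""
    seen = sorted({c for hits in alerts.values() for c in hits})
    return "mixed" if len(seen) > 1 else (seen[0] if seen else "none")

if __name__ == "__main__":
    found = classify(rates_per_second(SAMPLE))
    print(found, summarize(found))
```

In the sample, the application-layer seconds stay far below the bandwidth and packet limits, which is why a monitor that watches only bps or pps would miss them.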

DDoS attacks are evolving every day. If you don't want to be a victim of DDoS attacks, you should contact our specialists and order a server with DDoS protection.