DDoS Attacks: Meaning and Mitigation

If you spend a fair amount of time on the internet, you have probably come across the term DDoS. A Distributed Denial of Service (DDoS) attack is a malicious attempt to disrupt a server or a network by flooding it with requests sent from a botnet, a network of compromised machines. The aim is to saturate the target with bogus traffic so that legitimate users cannot get through. It is used by criminals and hacktivists to take a company’s website offline for their own ends.
How Does it Work?
Attackers compromise hundreds or thousands of computers or IoT devices and organize them into a botnet. The botnet is then directed to generate bogus traffic towards a particular IP address, flooding it with requests until legitimate users are denied service. Defending against a DDoS attack is difficult precisely because the requests are distributed across many systems rather than coming from a single source that could simply be blocked.
Types of DDoS Attack
Broadly, DDoS attacks fall into the following three categories:
1. Volume-based attacks – These aim to saturate the target’s bandwidth by sending a massive volume of traffic.
Examples of Volume-based attacks
UDP flood – The attacker floods the target’s network with User Datagram Protocol (UDP) packets. For each packet that no application is listening for, the server issues an ICMP reply to the sender; generating so many ICMP replies exhausts the host, and the website may become unreachable.
DNS amplification – Requests are sent to open DNS servers, which respond with a much larger amount of data directed at the target. The amplification continues until the target’s resources are exhausted, resulting in a denial of service.
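The two volume-based attacks above leave distinct traces in traffic records, which is what a defender monitors for. The following Python script is an added example, not code from the original article: it runs two simple detectors over a constructed set of packet records (documentation-range IP addresses, sizes and counts chosen for illustration). The UDP flood detector looks for a host receiving many UDP packets across many ports while sending back a high proportion of ICMP "destination unreachable" (type 3) replies; the DNS amplification detector compares the bytes a host receives from UDP port 53 with the bytes it sends to port 53, and assumes that the triggering queries carry the victim's address, so from the victim's own network those queries may never be seen at all (the sent count is then zero and the ratio is treated as infinite).

```python
"""Flag volume-based DDoS indicators (UDP flood, DNS amplification) in packet records."""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str          # "UDP" or "ICMP"
    sport: int
    dport: int
    size: int           # bytes on the wire
    icmp_type: int = -1  # 3 = destination unreachable; only meaningful for ICMP


# --- Constructed sample traffic (not a real capture) -------------------------
VICTIM = "203.0.113.10"                       # documentation address (RFC 5737)
RESOLVERS = ["192.0.2.53", "192.0.2.54", "192.0.2.55"]   # hypothetical open resolvers
SAMPLE = []

# UDP flood: 200 small packets from 50 sources to distinct high ports on the victim;
# nothing listens there, so the victim answers each with ICMP type 3.
for i in range(200):
    src = f"198.51.100.{i % 50 + 1}"
    SAMPLE.append(Packet(src, VICTIM, "UDP", 40000 + i, 1024 + i * 31, 64))
    SAMPLE.append(Packet(VICTIM, src, "ICMP", 0, 0, 56, icmp_type=3))

# DNS amplification: 60-byte queries carrying the victim's address reach open
# resolvers, which answer the victim with 3000-byte responses (50x amplification).
for i in range(150):
    resolver = RESOLVERS[i % 3]
    SAMPLE.append(Packet(VICTIM, resolver, "UDP", 33000 + i, 53, 60))
    SAMPLE.append(Packet(resolver, VICTIM, "UDP", 53, 33000 + i, 3000))

# Benign background: a few ordinary lookups from other clients.
for i in range(5):
    client = f"198.51.100.{200 + i}"
    SAMPLE.append(Packet(client, RESOLVERS[0], "UDP", 50000 + i, 53, 60))
    SAMPLE.append(Packet(RESOLVERS[0], client, "UDP", 53, 50000 + i, 120))


def detect_udp_flood(packets, min_packets=100, min_ports=50, min_unreach_ratio=0.4):
    """Return hosts that receive many UDP packets on many ports and answer a large
    share of them with ICMP destination-unreachable, the UDP flood signature."""
    udp_count = defaultdict(int)     # dst -> inbound UDP packets
    udp_ports = defaultdict(set)     # dst -> distinct destination ports hit
    unreach_sent = defaultdict(int)  # src -> ICMP type 3 messages it emitted
    for p in packets:
        if p.proto == "UDP":
            udp_count[p.dst] += 1
            udp_ports[p.dst].add(p.dport)
        elif p.proto == "ICMP" and p.icmp_type == 3:
            unreach_sent[p.src] += 1
    flagged = {}
    for host, n in udp_count.items():
        ratio = unreach_sent[host] / n
        if n >= min_packets and len(udp_ports[host]) >= min_ports and ratio >= min_unreach_ratio:
            flagged[host] = {"udp_packets": n,
                             "distinct_ports": len(udp_ports[host]),
                             "unreachable_ratio": round(ratio, 2)}
    return flagged


def detect_dns_amplification(packets, min_bytes=100_000, min_factor=10.0):
    """Return hosts whose inbound DNS-response volume dwarfs their outbound query
    volume. A host that sent no queries at all (spoofed case) gets an infinite factor."""
    dns_in = defaultdict(int)      # host -> bytes received from UDP/53
    dns_out = defaultdict(int)     # host -> bytes sent to UDP/53
    responders = defaultdict(set)  # host -> distinct resolvers answering it
    for p in packets:
        if p.proto != "UDP":
            continue
        if p.sport == 53:
            dns_in[p.dst] += p.size
            responders[p.dst].add(p.src)
        if p.dport == 53:
            dns_out[p.src] += p.size
    flagged = {}
    for host, received in dns_in.items():
        sent = dns_out.get(host, 0)
        factor = received / sent if sent else float("inf")
        if received >= min_bytes and factor >= min_factor:
            flagged[host] = {"bytes_in": received,
                             "amplification": round(factor, 1),
                             "resolvers": len(responders[host])}
    return flagged


if __name__ == "__main__":
    for name, result in (("UDP flood", detect_udp_flood(SAMPLE)),
                         ("DNS amplification", detect_dns_amplification(SAMPLE))):
        for host, stats in result.items():
            print(f"{name}: {host} {stats}")
```

Thresholds are deliberately plain so the logic stays readable; in production they would be tuned per link capacity and compared against a baseline rather than fixed. Note that the amplification victim also trips the UDP flood detector, since it is receiving a large volume of UDP it never asked for.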
2. Protocol attacks – These attacks consume all the available resources of network equipment such as firewalls and load balancers.
Examples of Protocol attacks
SYN floods – They exploit weaknesses in the TCP handshake. When the host cannot acknowledge further