What is DDoS mitigation?

  • Difficulty Level : Expert
  • Last Updated : 10 Sep, 2021

In this article, we will learn about DDoS attacks and how DDoS mitigation works.

DDoS mitigation refers to the process of securing and protecting a server when it comes under a DDoS attack. DDoS stands for Distributed Denial of Service. In a DDoS attack, the attackers target a server and disrupt the network services of all the users connected to that network.


DDoS Attack :



  • DDoS attacks are used by attackers to shut down the websites of different businesses and organizations.
  • In this attack, the attackers use unwanted bot traffic to overwhelm the website so that normal users can’t reach their destination website.
  • The attackers use a large number of IoT devices, network servers and other devices to flood the website's network so that legitimate users cannot use it.
  • Attackers use malware and viruses to infect devices so that those devices also take part in DDoS attacks.
  • DDoS mitigation involves securing the network from DDoS attacks by separating human traffic from bot traffic using signals such as IP address, HTTP headers and JavaScript footprint.

DDoS MITIGATION

DDoS Mitigation Process :
The mitigation process takes place in 4 steps –

  1. Detection – 
    We have to identify the traffic flow as soon as possible so that we can stop the attack and be prepared for it. We have to continuously monitor the traffic characteristics and be aware of how many bots are on the website.
  2. Diversion – 
    In case of large traffic flow, we must divert the traffic via DNS (Domain Name System) or BGP (Border Gateway Protocol) routing. DNS routing is always available on demand, and it helps to divert the traffic in case of network-layer or application-layer attacks.
  3. Filter – 
    The network should be able to separate legitimate and unwanted bot traffic with the help of IP address, HTTP headers, etc.
  4. Analysis – 
    For future purposes, the network must gather all the information about the attacker so that similar attacks can be prevented in future with the help of that information. System logs and advanced security analytics should be used to record this information.
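
A minimal sketch of the Detection and Filter steps above, added here as an illustration and not part of the original article: it flags a source IP address when it exceeds a request budget inside a sliding window or sends no User-Agent header, then drops that source's traffic. The thresholds, function names and sample requests are assumptions constructed for the example.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 10   # assumed sliding-window length
MAX_REQUESTS = 20     # assumed per-IP request budget within one window

def detect(requests, window=WINDOW_SECONDS, limit=MAX_REQUESTS):
    """Detection: return {ip: reason} for sources that look like bot traffic.

    requests is a time-sorted list of (timestamp_seconds, ip, headers).
    """
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    flagged = {}
    for ts, ip, headers in requests:
        seen = recent[ip]
        seen.append(ts)
        while seen[0] <= ts - window:   # expire entries older than the window
            seen.popleft()
        if ip in flagged:
            continue
        if len(seen) > limit:
            flagged[ip] = "rate"        # IP-address signal: too many requests
        elif not headers.get("User-Agent"):
            flagged[ip] = "headers"     # HTTP-header signal: no User-Agent
    return flagged

def filter_traffic(requests, flagged):
    """Filter: pass only requests whose source was not flagged."""
    return [r for r in requests if r[1] not in flagged]

def sample_traffic():
    """Constructed requests using documentation IP ranges (not a real capture)."""
    browser = {"User-Agent": "Mozilla/5.0", "Accept": "text/html"}
    reqs = [(t, "192.0.2.10", browser) for t in range(0, 30, 3)]       # visitor
    reqs += [(t / 10, "198.51.100.7", browser) for t in range(50)]     # flood
    reqs += [(t, "203.0.113.5", {"Accept": "*/*"}) for t in (1, 12, 25)]
    return sorted(reqs, key=lambda r: r[0])

if __name__ == "__main__":
    traffic = sample_traffic()
    flagged = detect(traffic)
    print(flagged)
    print(len(filter_traffic(traffic, flagged)), "of", len(traffic), "requests passed")
```

The `flagged` mapping and its reasons are also the kind of record the Analysis step would write to system logs.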

DDoS Mitigation Techniques :

  • Separate Traffic – 
    This is the most important part of the mitigation process: we should be highly efficient at differentiating between legitimate users and unwanted bots.
  • Reduce attack surface – 
    Even if the website is attacked, we should reduce the attack surface of the website so that minimum damage is caused to the network.
  • CDNs – 
    A CDN (content delivery network) helps to distribute the website content and to minimize the path length between users and website resources.
  • Black Hole Routing – 
    Black hole routing involves separating unwanted bot users from legitimate users with the help of computer networks and then re-routing those bots to a black hole.
  • WAF – 
    A WAF (web application firewall) is an application that responds to a DDoS attack quickly, mitigating it instantly so that traffic is dropped before it reaches the server.

Steps to choose a DDoS Mitigation Service :
When a DDoS mitigation service is used, we should keep in mind the following data points –

  • Flexible – 
    We should be able to create and modify policies at any time to adapt to new threats.
  • Reliable – 
    The DDoS mitigation service should be highly reliable so that it can be used whenever there are chances of an attack on the network.
  • Scalable – 
    The mitigation service should be highly scalable according to the size of the network being used. It should be capable of handling larger attacks whenever they happen.
  • Network Size – 
    Having a larger network helps the DDoS service work faster and more efficiently, with extensive data transfer capabilities.