
What is DDoS (Distributed Denial of Service)?


Distributed Denial of Service (DDoS) is a type of DoS attack in which multiple trojan-infected systems target a particular system and deny service to its users.

A DDoS attack uses multiple servers and Internet connections to flood the targeted resource. A DDoS attack is one of the most powerful weapons on the cyber platform. When you hear that a website has been brought down, it generally means it has become a victim of a DDoS attack. The attackers have hit the website or PC with heavy traffic, and the website or computer crashes because it is overloaded.

Example: In 2000, Michael Calce, a 15-year-old boy who used the online name “Mafiaboy”, was behind one of the first DDoS attacks. He hacked into the computer networks of various universities and used their servers to run a DDoS attack that brought down several websites such as eBay and Yahoo. In 2016, Dyn was hit with a massive DDoS attack that took down major websites and services such as Netflix, PayPal, Amazon, and GitHub.

[Figure: DDoS (Distributed Denial of Service) attack]

DoS

DoS stands for Denial of Service. It is a type of attack on a service that disrupts its normal function and prevents other users from accessing it. The most common target for a DoS attack is an online service such as a website, though attacks can also be launched against networks, machines, or even a single program.

Difference between DoS and DDoS

Some of the common differences between DoS and DDoS are mentioned below.

| DoS | DDoS |
|---|---|
| DoS stands for Denial of Service attack. | DDoS stands for Distributed Denial of Service attack. |
| In a DoS attack, a single system targets the victim system. | In a DDoS attack, multiple systems attack the victim’s system. |
| The victim’s PC is loaded with packets of data sent from a single location. | The victim’s PC is loaded with packets of data sent from multiple locations. |
| A DoS attack is slower compared to a DDoS attack. | A DDoS attack is faster than a DoS attack. |
| Can be blocked easily as only one system is used. | It is difficult to block this attack as multiple devices are sending packets and attacking from multiple locations. |
| In a DoS attack, only a single device is used with DoS attack tools. | In a DDoS attack, many bots are used to attack at the same time. |
| DoS attacks are easy to trace. | DDoS attacks are difficult to trace. |

Types of DoS attacks are:

  1. Buffer overflow attacks
  2. Ping of Death or ICMP flood
  3. Teardrop Attack
  4. Flooding Attack

Types of DDoS attacks are:

  1. Volumetric Attacks
  2. Fragmentation Attacks
  3. Application Layer Attacks
  4. Protocol Attacks

Types of DDoS Attacks

There are various types of DDoS attacks mentioned below:

  1. Volumetric Attacks: Volumetric attacks are the most prevalent form of DDoS attack. They use a botnet to overload the network or server with more traffic than the network is capable of processing. The target is flooded with huge amounts of junk data, which consumes network bandwidth and can lead to a complete denial of service.
  2. Protocol Attacks: TCP connection attacks exploit a vulnerability in the TCP connection sequence, commonly referred to as the three-way handshake between the host and the server. They work as follows: the targeted server receives a request to start the handshake, but the handshake is never completed. This leaves the port busy and unavailable to process any further requests. Meanwhile, the cybercriminal continues to send requests, overwhelming all the working ports and shutting down the server.
  3. Application Attacks: Application layer attacks (Layer 7 attacks) target the victim's applications in a slower fashion. They may initially appear to be legitimate requests from users, until the victim becomes unable to respond. These attacks target the layer where a server generates web pages and responds to HTTP requests. Application-level attacks are combined with other kinds of DDoS attacks that target the network and bandwidth as well as applications. These attacks are threatening because they are more difficult for companies to detect.
  4. Fragmentation Attacks: The cybercriminal exploits weaknesses in the datagram fragmentation process, in which IP datagrams are divided into smaller packets, transferred across a network, and then reassembled. In such attacks, the target receives fake data packets that cannot be reassembled.
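The never-completed handshake described under Protocol Attacks can be detected by counting connections that stay half-open. The following is an added example, not part of the original article: the `HalfOpenTracker` class, its timeout and threshold, and the packet records are all constructed for illustration.

```python
from collections import defaultdict

class HalfOpenTracker:
    """Tracks client SYNs never followed by the handshake-completing ACK."""

    def __init__(self, timeout=5.0, threshold=100):
        self.timeout = timeout      # seconds a handshake may stay incomplete
        self.threshold = threshold  # half-open count per port that raises an alert
        self.pending = {}           # (src_ip, src_port, dst_port) -> time of first SYN

    def observe(self, ts, src_ip, src_port, dst_port, flags):
        key = (src_ip, src_port, dst_port)
        if flags == "S":            # handshake step 1: client SYN
            self.pending.setdefault(key, ts)
        elif flags in ("A", "R"):   # step 3 completed, or connection reset
            self.pending.pop(key, None)

    def half_open(self, now):
        """Per destination port: handshakes still incomplete after the timeout."""
        counts = defaultdict(int)
        for (_, _, dst_port), first_seen in self.pending.items():
            if now - first_seen >= self.timeout:
                counts[dst_port] += 1
        return dict(counts)

    def alerts(self, now):
        return sorted(p for p, n in self.half_open(now).items() if n >= self.threshold)


def constructed_capture():
    """Constructed client-to-server packets (documentation addresses), not real data."""
    packets = []
    for i in range(3):              # normal clients: SYN, then ACK 50 ms later
        packets.append((1.0 + i, f"192.0.2.{10 + i}", 40000 + i, 443, "S"))
        packets.append((1.05 + i, f"192.0.2.{10 + i}", 40000 + i, 443, "A"))
    for i in range(200):            # flood pattern: SYN only, never completed
        packets.append((2.0 + i * 0.01, f"198.51.100.{i % 250 + 1}", 1024 + i, 80, "S"))
    return sorted(packets)


def analyse(packets, now=10.0):
    tracker = HalfOpenTracker()
    for pkt in packets:
        tracker.observe(*pkt)
    return tracker.half_open(now), tracker.alerts(now)


if __name__ == "__main__":
    print(analyse(constructed_capture()))
```
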

How do DDoS Attacks Work?

The logic of a DDoS attack is very simple, although individual attacks can differ greatly from each other. Network connections consist of the various layers of the OSI model, and different types of DDoS attacks focus on particular layers. Examples are given below:

  • Layer 3: Network layer attacks include Smurf attacks, ICMP floods, and IP/ICMP fragmentation.
  • Layer 4: Transport layer attacks include SYN floods, UDP floods, and TCP connection exhaustion.
  • Layer 7: Application layer attacks include HTTP-encrypted attacks.

How to Protect Yourself from DDoS Attacks?

  1. Take quick action: The sooner a DDoS attack is identified, the sooner the harm can be contained. Companies should have DDoS services or a similar technology in place so that heavy traffic can be recognized and acted upon as soon as possible.
  2. Configure firewalls and routers: Firewalls and routers should be configured to reject bogus traffic, and both should be kept updated with the latest security patches.
  3. Consider artificial intelligence: While advanced firewalls and intrusion detection systems are the common defenses today, artificial intelligence is being used to develop new systems.
  4. Secure your Internet of Things devices: To keep your devices from becoming part of a botnet, make sure your computers have trusted security software and keep it updated with the latest security patches.
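The comparison table earlier notes that a DoS attack from one system is easy to block while a DDoS attack from many devices is not. The following added example (not from the original article) shows why for the firewall step above: a per-source limit stops the single sender but blocks nothing when every bot stays under it, so aggregate load must be watched too. The limits, function names and request records are constructed assumptions.

```python
from collections import Counter, defaultdict

def summarise(requests, window_s=1.0):
    """Group (timestamp, src_ip) records into fixed windows of per-source counts."""
    windows = defaultdict(Counter)
    for ts, src in requests:
        windows[int(ts // window_s)][src] += 1
    return windows

def evaluate(requests, per_source_limit=20, capacity=1000):
    """Return (sources a per-source limit blocks, windows still over capacity).

    Simplification: a source is treated as blocked for the whole window in
    which it first exceeds the limit, and for all later windows.
    """
    blocked, overloaded = set(), []
    for window, counts in sorted(summarise(requests).items()):
        blocked |= {src for src, n in counts.items() if n > per_source_limit}
        remaining = sum(n for src, n in counts.items() if src not in blocked)
        if remaining > capacity:
            # (window index, requests still admitted, distinct sources seen)
            overloaded.append((window, remaining, len(counts)))
    return blocked, overloaded

# --- Constructed sample traffic, not real data ---
def legit_users():
    return [(0.5, f"192.0.2.{i + 1}") for i in range(50) for _ in range(2)]

def single_source_dos():
    # One sender, 500 requests in one second.
    return legit_users() + [(i / 500, "203.0.113.7") for i in range(500)]

def distributed_dos():
    # 400 bots, each sending only 5 requests in the same second.
    bots = [f"10.0.{i // 200}.{i % 200 + 1}" for i in range(400)]
    return legit_users() + [(0.1 * k, bot) for bot in bots for k in range(5)]

if __name__ == "__main__":
    print("single source:", evaluate(single_source_dos()))
    print("distributed:  ", evaluate(distributed_dos()))
```
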

FAQs

1. What is a DoS attack?

DoS stands for Denial of Service attack. This attack is meant to shut down a machine or network so that users are unable to access it. DoS attacks accomplish this by flooding the target with traffic or sending it information that triggers a crash.

2. What is a DDoS attack?

DDoS stands for Distributed Denial of Service attack. In a DDoS attack, the attacker tries to make a particular service unavailable by directing continuous and huge traffic from multiple end systems.

3. What are the different types of DoS attacks?

Types of DoS attacks are:

  • Buffer overflow attacks 
  • Ping of Death or ICMP flood 
  • Teardrop Attack 
  • Flooding Attack


Last Updated : 22 Mar, 2023