What is DDoS(Distributed Denial of Service)?
Distributed Denial of Service (DDoS) is a type of DOS attack where multiple systems, which are trojan infected, target a particular system which causes a DoS attack. A DDoS attack uses multiple servers and Internet connections to flood the targeted resource. A DDoS attack is one of the most powerful weapons on the cyber platform. When you come to know about a website being brought down, it generally means it has become a victim of a DDoS attack. This means that the hackers have attacked your website or PC by imposing these with heavy traffic. Thus, crashing the website or computer due to overloading.
Examples of DDoS attacks: In 2000, Michael Calce, a 15-year-old boy who used the online name “Mafiaboy”, was behind one of the first DDoS attacks. He hacked into the computer networks of various different universities. He used their servers to operate a DDoS attack that brought down several websites such as eBay and Yahoo. In 2016, Dyn was hit with a massive DDoS attack that took down major websites and services such as Netflix, PayPal, Amazon and GitHub.
Types of DDoS Attacks: There are various types of DDoS attacks mentioned below:
- Volumetric Attacks: Volumetric Attacks are the most prevalent form of DDoS attacks. They use a botnet to overload the network or server with heavy traffic but exceeds the network’s capabilities of processing the traffic. This attack overloads the target with huge amounts of junk data. This leads to the loss of network bandwidth and can lead to a complete denial of service.
- Protocol Attacks: TCP Connection Attacks exploit a vulnerability in the TCP connection sequence which is commonly referred to as the three-way handshake connection with the host and the server. The working is explained as follows. The targeted server receives a request to start with the handshake. In this attack, the handshake is never accomplished. This leaves the connected port as busy and unavailable to process any further requests. Meanwhile, the cyber criminal continues to send multiple requests overwhelming all the working ports and shutting down the server.
- Application Attacks: Application layer attacks (Layer 7 attacks) target applications of the victim of in a slower fashion. Thus, they may initially appear as legitimate requests from users and the victim becomes unable to respond. These attacks targets the layer where a server generates web pages and responds to http requests. Application level attacks are combined with other kinds of DDoS attacks targeting applications, alongwith the network and bandwidth. These attacks are threatening as it is more difficult for companies to detect.
- Fragmentation Attacks: The cyber criminal exploits frangibilities in the datagram fragmentation process, in which IP datagrams are divided into smaller packets, transferred across a network, and then reassembled. In such attacks, fake data packets unable to be reassembled.
How DDoS Attacks Work: The logic of a DDoS attack is very simple, although attacks can be highly differentiable from each other. Network connections consist of various layers of the OS model. Various types of DDoS attacks focus on particular layers. Examples are illustrated below:
- Layer-3: Network layer – Attacks are known as Smurf Attacks, ICMP Floods, and IP/ICMP Fragmentation.
- Layer-4: Transport layer – Attacks include SYN Floods, UDP Floods, and TCP Connection Exhaustion.
- Layer-7: Application layer – HTTP-encrypted attacks.
How to protect yourself from DDoS attacks:
- Take a quick action: Sooner the DDoS attack is identified, quicker the harm can be resisted. Companies should provide DDoS services or a certain kind of technology so that the heavy traffic can be realized and worked upon as soon as possible .
- Configure firewalls and routers: Firewalls and routers should be configured in a such a way that they reject bogus traffic and you should keep your routers as well as firewalls updated with the latest security patches.
- Consider artificial intelligence: While present defenses of advanced firewalls and intrusion detection systems are very common, Artificial Intelligence is being used to develop new systems.
- Secure your Internet of Things devices: To keep your devices from becoming a part of a botnet, its smart to make sure your computers have trusted security software. Its important to keep it updated with the latest security patches.