Introduction to DDoS Attacks

DoS Attack

DoS attacks target a single internet-facing system such as:

  • servers
  • devices
  • services like HTTP/HTTPS, networks, or applications

The intent of the attacker is to make the services unavailable.

In a DoS attack, customer-facing websites such as e-commerce or banking sites become unavailable to their users.


DDoS Attack

DDoS attacks originate from many different sources – potentially thousands or more.

These attacks are difficult to stop for two main reasons:

  • Simply blocking a single source won't stop them.
  • It can be difficult to distinguish legitimate traffic from DDoS attack traffic.
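The two points above can be seen in a small detection sketch. This is an added example, not code from the original page: it compares a per-source rate limit with an aggregate check against a baseline, and the thresholds, window size and IP addresses are constructed assumptions.

```python
from collections import Counter
from statistics import median

WINDOW = 10            # seconds per bucket (assumed)
PER_SOURCE_LIMIT = 50  # requests allowed per source per window (assumed)
FACTOR = 5             # alert when a window exceeds 5x the baseline median (assumed)

def bucket(events):
    """Group (timestamp, source_ip) events into {window: Counter(source -> requests)}."""
    windows = {}
    for ts, src in events:
        windows.setdefault(int(ts) // WINDOW, Counter())[src] += 1
    return windows

def per_source_offenders(windows):
    """Sources that a per-IP rate limit would block."""
    return {s for c in windows.values() for s, n in c.items() if n > PER_SOURCE_LIMIT}

def aggregate_alerts(windows, baseline):
    """Windows whose total requests or distinct sources exceed FACTOR x baseline median."""
    base_total = median(sum(c.values()) for c in baseline.values())
    base_sources = median(len(c) for c in baseline.values())
    return [(w, sum(c.values()), len(c)) for w, c in sorted(windows.items())
            if sum(c.values()) > FACTOR * base_total or len(c) > FACTOR * base_sources]

def normal(window):
    """Constructed baseline: 200 sources x 2 requests in one window."""
    return [(window * WINDOW + i % WINDOW, f"10.0.{i % 40}.{i % 200}") for i in range(400)]

def single_source_dos(window):
    """Constructed DoS: one source sends 500 requests."""
    return [(window * WINDOW + i % WINDOW, "10.8.0.1") for i in range(500)]

def distributed_flood(window):
    """Constructed DDoS: 2000 sources x 5 requests each, all under the per-IP limit."""
    return [(window * WINDOW + i % WINDOW, f"10.9.{i // 250}.{i % 250}")
            for i in range(2000) for _ in range(5)]

if __name__ == "__main__":
    baseline = bucket(normal(0) + normal(1) + normal(2))
    dos = bucket(normal(3) + single_source_dos(3))
    ddos = bucket(normal(3) + distributed_flood(3))
    print("DoS  per-source offenders:", per_source_offenders(dos))
    print("DDoS per-source offenders:", per_source_offenders(ddos))
    print("DDoS aggregate alerts:   ", aggregate_alerts(ddos, baseline))
```

The per-source check catches the single-source flood but reports nothing for the distributed one, where every source looks like a light, legitimate client; only the aggregate comparison against the baseline flags that window.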

Most Common DDoS Attacks



DDoS attacks fall into three broad categories:

Volumetric Attacks


Volumetric attacks (i.e. floods) overwhelm the target network's bandwidth with a large volume of requests. As a result, the traffic pipeline becomes blocked and genuine users face service unavailability. In such events, incoming traffic jumps to gigabit or even terabit levels above the regular traffic.

Examples: ICMP, Malformed IP, IP Fragmented.

Protocol Attacks


An internet protocol is a set of rules applied between computing devices for seamless communication. Attackers exploit vulnerabilities in these protocols to overwhelm core services, such as routers, firewalls, or load balancers that forward requests to the target network. Protocol attacks are launched at Layer 3 or Layer 4 of the OSI model.

Examples: TCP SYN Flood, Empty Connection Flood, and UDP Flood.

Application Attacks


Application-layer attacks, at Layer 7, target web application-specific resources and overwhelm their functions. Application attacks include extensive file downloads or form submissions on the website, which exhaust its resources. Since these requests appear to be legitimate, DDoS attack prevention becomes challenging.

Examples: HTTP floods, SlowLoris, Brobot, SSL Negotiation, HULK.


Why isn't Mitigation Enough?

DDoS mitigation solutions deliver testing only a few times a year. These tests require maintenance windows, so that means downtime for your business. Between those tests, many new attack vectors have evolved. In addition, many changes have also been made to your network. RADAR testing is always-on, constantly testing and non-disruptive, so it eliminates vulnerabilities as they arise.


Frequently Asked Questions