Introduction to DDoS Attacks

DoS Attack

DoS attacks target a single internet-facing system such as:

  • servers
  • devices
  • services like HTTP/HTTPS, networks, or applications

The intent of the attacker is to make the services unavailable.

In a DoS attack, customer-facing websites like e-commerce or banks are unavailable to their users.

DDoS Attack

DDoS attacks originate from many different sources – potentially thousands or more.

These attacks are difficult to stop for two main reasons:

  • Simply blocking a single source won't stop them.
  • It can be difficult to distinguish legitimate traffic from DDoS attack traffic.

Most Common DDoS Attacks

Continuous Detection And Elimination Of DDoS Threats

DDoS Effects On Enterprises

DDoS attacks fall into three broad categories

Volumetric Attacks

Volumetric attacks (i.e. floods) overwhelm the target network's bandwidth with a large volume of requests. As a result, the traffic pipeline becomes blocked and genuine users face service unavailability. In such events, incoming traffic jumps to gigabit or even terabit levels above the regular traffic.

Examples: ICMP, Malformed IP, IP Fragmented.

Protocol Attacks

An internet protocol is a set of rules applied between computing devices for seamless communication. Attackers exploit vulnerabilities in these protocols and overwhelm core services, such as routers, firewalls, or load balancers that forward requests to the target network. Protocol attacks are launched in Layer 3 or Layer 4 of the OSI model.

Examples: TCP SYN Flood, Empty Connection Flood, and UDP Flood.

Application Attacks

Application layer attacks in Layer 7 target web application-specific resources and overwhelm their functions. Application attacks include extensive file downloads or form submissions on the website, which exhaust its resources. Since these requests appear to be legitimate, DDoS attack prevention becomes challenging.

Examples: HTTP floods, SlowLoris, Brobot, SSL Negotiation, HULK.
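
The three categories above leave different signatures in the same traffic window. The following is an added example, not part of the original page, that labels a window by category for detection purposes; the record format, thresholds and sample windows are assumptions constructed for illustration.

```python
from collections import Counter

# Assumed thresholds for illustration; derive real ones from your own baseline.
BASELINE_BPS = 200e6     # normal inbound bits per second
VOLUME_FACTOR = 5        # volumetric: inbound rate this many times baseline
MIN_SYNS = 1000          # ignore windows with too few SYNs to judge
HALF_OPEN_RATIO = 0.8    # protocol: share of SYNs with no completing ACK
L7_REQ_PER_SEC = 500     # application: HTTP requests per second to one path

def classify_window(records, seconds):
    """Return (sorted category labels, distinct source count) for one window.

    Each record is a summary dict with 'src', 'bytes', 'kind' ('icmp', 'udp',
    'syn', 'ack' or 'http') and, for 'http' records, 'path'.
    """
    bps = sum(r["bytes"] for r in records) * 8 / seconds
    kinds = Counter(r["kind"] for r in records)
    paths = Counter(r["path"] for r in records if r["kind"] == "http")
    labels = set()
    if bps > BASELINE_BPS * VOLUME_FACTOR:
        labels.add("volumetric")    # bandwidth far above normal
    syn, ack = kinds["syn"], kinds["ack"]
    if syn >= MIN_SYNS and (syn - ack) / syn > HALF_OPEN_RATIO:
        labels.add("protocol")      # handshakes opened but never completed
    if paths and max(paths.values()) / seconds > L7_REQ_PER_SEC:
        labels.add("application")   # well-formed requests at an abnormal rate
    return sorted(labels), len({r["src"] for r in records})

def sample(kind, count, size, sources, path=None):
    """Build constructed records spread evenly over `sources` senders."""
    return [{"src": f"src-{i % sources}", "bytes": size, "kind": kind,
             "path": path} for i in range(count)]

if __name__ == "__main__":
    windows = {  # constructed 10-second windows, not captured traffic
        "icmp flood": sample("icmp", 2000, 1_000_000, 2000),
        "syn flood": sample("syn", 5000, 60, 5000) + sample("ack", 100, 60, 100),
        "http flood": sample("http", 8000, 500, 400, "/search"),
        "normal": sample("syn", 300, 60, 50) + sample("ack", 300, 60, 50)
                  + sample("http", 200, 500, 50, "/"),
    }
    for name, records in windows.items():
        print(name, classify_window(records, 10))
```

The HTTP flood window stays far below the bandwidth threshold, so only the per-path request rate reveals it, and the source counts show why blocking any single sender changes little.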

Why isn't Mitigation Enough?

DDoS mitigation solutions deliver testing only a few times a year. These tests require maintenance windows, which means downtime for your business. Between those tests, many new attack vectors have evolved, and many changes have been made to your network. RADAR testing is always-on, constantly testing and non-disruptive, so it eliminates vulnerabilities as they arise.

 

Frequently Asked Questions