DoS attacks target a single internet-facing system such as:
- services like HTTP/HTTPS, networks, or applications
The intent of the attacker is to make the services unavailable.
In a DoS attack, customer-facing websites like e-commerce or banks are unavailable to their users.
DDoS attacks originate from many different sources – potentially thousands or more.
These attacks are difficult to stop for two main reasons:
- Simply blocking a single source won't' stop them.
- It can be difficult to distinguish legitimate traffic from DDoS attack traffic.
DDoS attacks fall into three broad categories
Volumetric attacks (i.e. floods) overwhelm the target network bandwidth with a large volume of requests. As a result, online traffic pipeline then gets blocked and genuine users face service unavailability. In such events, incoming traffic jumps to gigabit or even terabit levels above the regular traffic.
An internet protocol is a set of rules applied between computing devices for seamless communication. Attackers exploit vulnerabilities in these protocols and overwhelm core services, such as routers, firewalls, or load balancers that forward requests to the target network. Protocol attacks are launched in Layer 3 or Layer 4 of the OSI model.
Application layer attacks in Layer 7 target web application-specific resources and overwhelm their functions. Application attacks include extensive file downloads or form submissions on the website, exhausting the resources. Since these requests appear to be legitimate, DDoS attack prevention becomes challenging.
Why isn't Mitigation Enough?
DDoS mitigation solutions deliver testing only a few times a year. These tests require maintenance windows, so that means downtime for your business. Between those tests, many new attack vectors have evolved. In addition, many changes have also been made to your network. RADAR testing is always-on, constantly testing and non-disruptive, so it eliminates vulnerabilities as they arise.