What is a DDoS attack?

A Distributed Denial-of-Service (DDoS) attack is an attempt to shut down a machine or a network through multiple infected computer systems. The main goal of this attack is to make an online service unavailable or disrupt the legitimate traffic of a targeted server by overwhelming it with the bad bot traffic. It is one of the most common and disruptive types of cyber-attack.

How Does a DDoS Attack Work

Firstly, the attacker plans for a DDoS attack by exploiting vulnerabilities in one or more computer system and makes it a part of a botnet – where the attacker controls this botnet via centralized command and control (CnC) system. This master system identifies other vulnerable systems and gets control over them by infecting them and use them as a zombie computer/bot.

Then the attacker targets a victim with all these infected bots (combinely "a botnet") and floods the target’s internet pipe with multiple illegitimate requests sent via CNC, which causes a denial of service/unavailability to those legitimate requests that are trying to access the victim’s network/web resource.

DoS v/s DDoS Attacks

In a DoS attack, the attacker uses a single zombie computer to flood a network with TCP/UDP packets. The purpose of a DoS attack is to overload the targeted network’s bandwidth and other resources with illegitimate packets/requests. This will impact in the unavailability of a targeted network to its legitimate users.

Wherein a DDoS attack, the attacker uses a multiple zombie computers and multiple internet connections to overload the targeted network. In this attack, the targeted network is overloaded with hundreds or even thousands of requests at the same time.

Common Types of DDoS Attacks

DDoS attacks are divided into three categories:-

Application Layer Attacks (Connection-based):

The Application Layer attacks, also known as Layer 7 DDoS attacks, occur when an attacker targets a specific application or a website that is poorly coded in order to exploit its weakness. The attacker targets the layer where web pages are generated on the server and delivered in response to HTTP requests. These type of attacks are considered the most sophisticated and serious type of attacks.

Slowloris, slow post, and HTTP/S flood attacks are the type of application layer attacks.

Read More:- https://goo.gl/vNEuxp

HaltDos is an IT Security company that primarily deals in award-winning AI-based Web Application Firewall and DDoS mitigation solutions for SME's and Large Enterprises.