What are DDoS attacks?
DDoS attacks are carried out when malicious traffic is generated by bad actors with the intention of disrupting a network or publicly accessible application by impairing its availability or performance.
Any public IP receiving traffic from the internet is susceptible to DDoS attacks and main risk is the availability of the service.
Types of DDoS Attack
We can broadly categorized DDoS attacks in three types that you should care about the most.
1. Volumetric Attacks of DDos (Layer 3/4)
Volumetric DDoS assaults are made to flood internal networks with a large amount of malicious traffic. Including centralized DDoS mitigation scrubbing capabilities. These DDoS assaults try to use up all available bandwidth, either inside the target network or service or between it and the rest of the Internet.
Example Attacks:
Volumetric DDoS assaults come in many forms, and many of them are carried out by drones as well as IoT botnets made up of drones and suborned IoT devices like IP cameras and consumer routers. SYN flood attacks, ICMP flood attacks, and UDP flood attacks are examples of typical volumetric DDoS attacks.
Security Control:
These type of attacks are mainly protected by purchasing DDoS protection plan from the service provider.
2. Protocol Attacks (Layer 3/4)
Unlike volumetric DDoS attacks on the application layer, protocol DDoS attacks rely on flaws in internet communication protocols. Because so many of these protocols are used globally, it is difficult and takes a long time to change how they operate. Furthermore, because many protocols are inherently complicated, even when they are redesigned to solve faults, new vulnerabilities are frequently added, enabling for new kinds of protocol attacks and network attacks.
Example Attacks:
A good example of a protocol that might serve as the foundation for a DDoS attack is Border Gateway Protocol (BGP) hijacking. Network administrators use BGP to inform other networks of how their address space is set up. Traffic meant for one network may be diverted to another network, causing resource depletion and congestion, if a malicious actor is able to transmit a BGP update that is assumed to be valid. Tens of thousands of network operators use BGP globally. So switching to a more secure version of the protocol would be difficult and expensive to implement. Examples of other protocol attacks as well as include SYN flood and Ping of Death.
Security Control:
These type are mainly protected by purchasing DDoS protection plan from the service provider.
3. Application Attacks (Layer 7)
Application layer DDoS attacks are designed to directly target the programmed while focusing on specific bugs or issues, stopping the application from sending content to the user.. The most popular target of application layer assaults is web servers. However other applications such as SIP telephony services and BGP are also susceptible.
Example Attacks:
Followings are the example of application attacks: Slow Loris Attack, RUDY Attack, Poison Cache, Slow Pots, etc.
Security Control:
DDoS protection plans are primarily used to prevent these types of attacks.. The service provider in addition to installing Web Application Firewall (WAF).
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.