DDoS Attacks and Mitigation

A Distributed Denial-of-Service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. These attacks leverage multiple compromised computer systems as sources of attack traffic, often forming a "botnet," to make it difficult to stop the attack by simply blocking a single source. The primary goal is to render the online service unavailable to its legitimate users. DDoS mitigation involves a set of techniques and tools designed to resist or lessen the impact of such an attack, which includes detecting and filtering malicious traffic, absorbing the traffic surge with high-capacity networks (often called "scrubbing centers"), and employing intelligent routing to divert the attack away from the core infrastructure.
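The paragraph's point that a botnet "make[s] it difficult to stop the attack by simply blocking a single source" is easy to see in code. The following Python is an added example written for this page (not code from any product or project the page describes); the IP addresses, packet rates, window and thresholds are all constructed sample values. It compares a per-source rate rule, which catches a single-host flood, with an aggregate rule on traffic toward the target, which is what still fires when the same volume is spread thinly across many sources.

```python
from collections import defaultdict

# Constructed flow records: (second, src_ip, dst_ip, packets). Not real traffic.
TARGET = "203.0.113.5"
WINDOW_S = 10

# 20 legitimate clients at 30 pps each -> 600 pps of background traffic
BACKGROUND = [(s, f"192.0.2.{i}", TARGET, 30)
              for s in range(WINDOW_S) for i in range(1, 21)]
# Classic single-source DoS: one host at 5000 pps
SINGLE_SOURCE = [(s, "10.0.0.9", TARGET, 5000) for s in range(WINDOW_S)]
# Distributed flood: 50 bot hosts at only 200 pps each -> 10000 pps in total
DISTRIBUTED = [(s, f"198.51.100.{i}", TARGET, 200)
               for s in range(WINDOW_S) for i in range(1, 51)]


def rates_by_source(records, window_s):
    """Average packets per second sent by each source over the window."""
    totals = defaultdict(int)
    for _, src, _, pkts in records:
        totals[src] += pkts
    return {src: total / window_s for src, total in totals.items()}


def aggregate_rate(records, dst, window_s):
    """Average packets per second arriving at one destination, all sources combined."""
    return sum(p for _, _, d, p in records if d == dst) / window_s


def assess(records, dst, window_s, per_source_limit_pps, aggregate_limit_pps):
    """Apply both rules and report what each one would do.

    blocked_sources: sources a per-source rate limit would block.
    residual_pps:    traffic that still reaches the target after those blocks,
                     i.e. what a per-source rule alone leaves untouched.
    aggregate_alert: whether total traffic to the target exceeds its limit,
                     regardless of how many sources it comes from.
    """
    rates = rates_by_source(records, window_s)
    blocked = sorted(src for src, r in rates.items() if r > per_source_limit_pps)
    remaining = [r for r in records if r[1] not in blocked]
    total_pps = aggregate_rate(records, dst, window_s)
    return {
        "blocked_sources": blocked,
        "residual_pps": aggregate_rate(remaining, dst, window_s),
        "aggregate_pps": total_pps,
        "aggregate_alert": total_pps > aggregate_limit_pps,
    }


if __name__ == "__main__":
    for name, recs in (("background only", BACKGROUND),
                       ("single-source flood", BACKGROUND + SINGLE_SOURCE),
                       ("distributed flood", BACKGROUND + DISTRIBUTED)):
        print(name, assess(recs, TARGET, WINDOW_S, 1000, 5000))
```

With a 1000 pps per-source limit and a 5000 pps aggregate limit, the single-source flood is both blocked by the per-source rule and flagged by the aggregate rule. The distributed flood blocks nothing (every bot stays under 1000 pps) and leaves all 10600 pps flowing, yet the aggregate rule still fires; that residual volume is what has to be absorbed or diverted, which is the role the paragraph assigns to scrubbing centres and traffic rerouting.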

  1. Introduction to Denial-of-Service Attacks
    1. Defining Denial-of-Service (DoS)
      1. Basic Definition and Purpose
      2. Historical Context and Evolution
      3. Impact on Service Availability
    2. The Evolution to Distributed Denial-of-Service (DDoS)
      1. Key Differences Between DoS and DDoS
      2. Growth and Scale of DDoS Attacks Over Time
      3. Notable Historical DDoS Incidents
  2. Core Concepts and Principles
    1. Availability as a Security Principle
    2. Traffic Flooding Mechanisms
      1. Volume-Based Disruption
      2. Resource Exhaustion Techniques
        1. Server Resource Depletion
        2. Application Resource Depletion
    3. Motivations for DDoS Attacks
      1. Hacktivism
        1. Political Motivations
        2. Social Causes and Protests
      2. Extortion and Ransom (RDDoS)
        1. Ransom Demands and Payment Models
        2. Threat Campaigns and Tactics
      3. Business Competition
        1. Competitor Sabotage
        2. Unfair Market Advantage Seeking
      4. Cyber Warfare
        1. State-Sponsored Attacks
        2. Critical Infrastructure Disruption
      5. Diversionary Tactics
        1. Masking Other Cyber Attacks
        2. Security Team Distraction
    4. The CIA Triad in DDoS Context
      1. Confidentiality Relevance
      2. Integrity Considerations
      3. Availability as Primary Target