DDoS Attacks and Mitigation - Introduction to Denial-of-Service Attacks

DDoS Attacks and Mitigation

A Distributed Denial-of-Service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. These attacks leverage multiple compromised computer systems as sources of attack traffic, often forming a "botnet," to make it difficult to stop the attack by simply blocking a single source. The primary goal is to render the online service unavailable to its legitimate users. DDoS mitigation involves a set of techniques and tools designed to resist or lessen the impact of such an attack, which includes detecting and filtering malicious traffic, absorbing the traffic surge with high-capacity networks (often called "scrubbing centers"), and employing intelligent routing to divert the attack away from the core infrastructure.

MS Word (.docx)Markdown (.md)

1.1.

1.1.1.

1.1.2.

1.1.3.

1.2.

1.2.1.

1.2.2.

1.2.3.

1.3.

1.3.1.

1.3.2.

1.3.2.1.

1.3.2.2.

1.3.3.

1.3.3.1.

1.3.3.2.

1.4.

1.4.1.

1.4.1.1.

1.4.1.2.

1.4.2.

1.4.2.1.

1.4.2.2.

1.4.3.

1.4.3.1.

1.4.3.2.

1.4.4.

1.4.4.1.

1.4.4.2.

1.4.5.

1.4.5.1.

1.4.5.2.

1.5.

1.5.1.

1.5.2.

1.5.3.

Go to top

2. Foundational Networking Concepts for DDoS

Introduction to Denial-of-Service Attacks

Defining Denial-of-Service (DoS)

The Evolution to Distributed Denial-of-Service (DDoS)

Core Concepts and Principles

Availability as a Security Principle

Traffic Flooding Mechanisms

Resource Exhaustion Techniques

Motivations for DDoS Attacks

Hacktivism

Extortion and Ransom (RDDoS)

Business Competition

Cyber Warfare

Diversionary Tactics

The CIA Triad in DDoS Context