By Shantanu Kaushik
Distributed Denial of Service (DDoS) is an attack that disrupts normal traffic to the server, network, or resource it targets. As the name suggests, it affects a distributed computing architecture: overwhelming the resources of any one system in a multi-system architecture is enough to disrupt it. Exploited machines can be anything from servers to IoT devices and network resources.
You can compare a DDoS attack with a traffic jam on a highway, except the road ahead is highly clogged, and vehicles cannot pass. Each compromised system increases the power of a DDoS attack and enables it to spread further. The attacker builds botnets to control as many devices as possible, then uses them to hijack and clog resources and deny service.
Sluggish service is the main symptom of a DDoS attack. This could also happen from genuine traffic, but if you come across sudden spikes in traffic and slowdown of services, further investigation is required. Some of the identifying factors for a DDoS attack are listed below:
Alibaba Cloud Anti-DDoS mitigates potential security threats by implementing smart algorithms to analyze genuine traffic surges and work against real DDoS attacks.
A DDoS attacker:
An enterprise runs on business continuity. If you don't deal with DDoS attacks immediately or use tools, such as Alibaba Cloud Anti-DDoS Pro, you are subject to these risks:
Business data and customer record leaks are a huge loss. There are legal challenges, and the business's reputation takes a hit.
Denial of service due to a DDoS attack will hinder customer communication and stop customer access to business applications, which results in huge economic losses.
Methods – HTTP GET, HTTP POST, and HTTP flood
Application layer attacks can mimic genuine user requests, making it hard to differentiate between an attack and genuine traffic. Services or website pages with larger resource consumption are more susceptible to HTTP flood attacks. The requests are sent at high frequency and in large volume to seize the network, service, or page.
The image below depicts the standard operating procedure of an application layer DDoS attack:
HTTP flood attacks target and flood the infrastructure of web applications to cause a denial of service. They degrade the performance and functions of the web application to seize the service.
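One way to separate such a flood from ordinary traffic in a web server's access log, as an added example that is not part of the original article or of any Alibaba Cloud product: compare each path's per-minute request count with its own median, so a burst against one resource-heavy page is caught even when every client stays at a low rate. The log lines, the `/search` path and the `factor` and `min_requests` thresholds are constructed assumptions.

```python
import re
from collections import defaultdict
from statistics import median

# Common Log Format prefix: client, [timestamp], "METHOD url ..."
LINE = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "(?:GET|POST) (\S+)')

def per_minute(lines):
    """Group client addresses as {path: {minute: [client, ...]}}."""
    hits = defaultdict(lambda: defaultdict(list))
    for line in lines:
        m = LINE.match(line)
        if m:
            client, ts, url = m.groups()
            hits[url.split("?")[0]][ts[:17]].append(client)  # ts[:17] = dd/Mon/yyyy:HH:MM
    return hits

def find_floods(lines, factor=5, min_requests=20):
    """Flag minutes where a path receives more than factor x its median
    per-minute requests, even if no single client sends many."""
    alerts = []
    for path, minutes in per_minute(lines).items():
        baseline = median(len(c) for c in minutes.values())
        for minute, clients in minutes.items():
            if len(clients) >= min_requests and len(clients) > factor * baseline:
                alerts.append({
                    "path": path, "minute": minute, "requests": len(clients),
                    "baseline": baseline, "clients": len(set(clients)),
                    "max_per_client": max(clients.count(c) for c in set(clients)),
                })
    return alerts

def constructed_log():
    """Constructed sample: five quiet minutes, then 40 POSTs to /search in
    one minute from 20 clients that send only two requests each."""
    lines = []
    for minute in range(5):
        for i in range(3):
            lines.append(f'198.51.100.{i + 1} - - [20/Jan/2021:12:0{minute}:{i * 7:02d} +0000] '
                         f'"GET /search?q=item{i} HTTP/1.1" 200 5120')
        lines.append(f'198.51.100.9 - - [20/Jan/2021:12:0{minute}:30 +0000] '
                     f'"GET /index.html HTTP/1.1" 200 512')
    for i in range(40):
        lines.append(f'203.0.113.{i % 20 + 1} - - [20/Jan/2021:12:05:{i:02d} +0000] '
                     f'"POST /search HTTP/1.1" 200 5120')
    return lines

if __name__ == "__main__":
    print(find_floods(constructed_log()))
```

Minutes with no requests for a path do not appear in the log, so the median is taken over active minutes only.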
Methods – UDP flood, SYN flood, ACK flood, and RST flood
SYN floods are protocol attacks that are used for state exhaustion. State exhaustion causes disruptions in service by consuming network or server resources. These resources could be server load balancers or cloud firewalls.
These types of DDoS attacks exploit weaknesses in the TCP handshake. The victim server receives an illegitimate SYN packet. When the server responds with a SYN-ACK, the ACK that should complete the handshake never arrives. Attacker bots send out multiple SYN packets to flood the system. Since the server doesn't get any response to its SYN-ACKs, its resources get used up. As the SYN queue fills up, the server stops responding to requests from any user, hence a denial of service.
Let's take a look at the representation below:
Methods – Connection exhaustion attacks, LOIC and HOIC, SlowLoris, Low and Slow attacks, PyLoris, and XOIC
These attacks can induce a massive connection slowdown by exhausting the concurrent resources of the server being attacked. As soon as the upper limit on connection requests is reached, the server denies any new connection requests. This type of attack exploits HTTP by requesting and forcing open connections that overload the network.
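The SYN-queue and connection-limit exhaustion described above can be watched for on a Linux server by counting socket states, shown here as an added example (not from the original article): half-open `SYN_RECV` sockets per listening port are compared with the SYN backlog, and established connections per client with the connection limit. The snapshot is constructed in the `/proc/net/tcp` layout with only its first four columns; `backlog`, `max_conns` and the 80% and 25% thresholds are assumed values an operator would set.

```python
from collections import Counter

SYN_RECV, ESTABLISHED = "03", "01"  # values of the st column in /proc/net/tcp

def decode_addr(field):
    """'0100007F:0050' -> ('127.0.0.1', 80). IPv4 bytes appear reversed on
    little-endian hosts (x86 and most ARM), which is assumed here."""
    ip_hex, port_hex = field.split(":")
    return ".".join(str(b) for b in bytes.fromhex(ip_hex)[::-1]), int(port_hex, 16)

def parse_snapshot(text):
    """Yield (local_port, remote_ip, state) per socket row; the header is skipped."""
    for line in text.strip().splitlines()[1:]:
        cols = line.split()
        yield decode_addr(cols[1])[1], decode_addr(cols[2])[0], cols[3]

def assess(text, backlog, max_conns, client_share=0.25):
    """Report ports whose half-open count is at or above 80% of the SYN backlog
    and clients holding more than client_share of the connection limit."""
    half_open, per_client = Counter(), Counter()
    for local_port, remote_ip, state in parse_snapshot(text):
        if state == SYN_RECV:
            half_open[local_port] += 1
        elif state == ESTABLISHED:
            per_client[remote_ip] += 1
    return {
        "syn_pressure": {p: n for p, n in half_open.items() if n >= 0.8 * backlog},
        "conn_hogs": {ip: n for ip, n in per_client.items()
                      if n > client_share * max_conns},
    }

def constructed_snapshot():
    """Constructed sample for 10.0.0.10:443: a listener, 14 half-open sockets from
    192.0.2.1-14, 6 connections from 203.0.113.9 and 1 from 198.51.100.7."""
    local = "0A00000A:01BB"
    rows = ["  sl  local_address rem_address   st", f"   0: {local} 00000000:0000 0A"]
    for i in range(14):
        rows.append(f"{len(rows) - 1:4d}: {local} {i + 1:02X}0200C0:{0xC000 + i:04X} 03")
    for i in range(6):
        rows.append(f"{len(rows) - 1:4d}: {local} 097100CB:{0xD000 + i:04X} 01")
    rows.append(f"{len(rows) - 1:4d}: {local} 076433C6:E000 01")
    return "\n".join(rows)

if __name__ == "__main__":
    print(assess(constructed_snapshot(), backlog=16, max_conns=20))
```

The parser reads only the first four columns, so it also accepts full `/proc/net/tcp` rows; IPv6 sockets in `/proc/net/tcp6` are not handled.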
Methods – DNS request flood, Query Flood, Response flood, server attacks (local and authoritative)
Packet attacks occur when malformed IP packets are sent to the victim system. This could result in denial of service. When multiple attack bots place domain name query requests at the same time, it creates a DNS query flood, which results in a denial of service.
DDoS affects distributed systems by stressing one or more resources until the entire system becomes inoperable under a load it cannot handle. Alibaba Cloud has developed the Anti-DDoS service to mitigate and ward off these kinds of attacks. Alibaba Cloud offers a unique integration experience throughout the entire lineup of products and solutions that include ECS, server load balancer, and Alibaba Cloud VPC. With these products and solutions, you can easily keep DDoS attacks at bay.
In this article, we focused on understanding how denial of service occurs in different scenarios. In the next article of this series, we will focus on using different Alibaba Cloud products to maintain a healthy system to mitigate DDoS attacks.