What Is The Full Form Of DDoS?
The full form of DDoS is Distributed-Denial-of-Service.
DDoS is a type of cyber attack. It is a DoS attack subset- known to be one of the most damaging and persistent cyberattacks to date. This malicious attack occurs for disruption of the normal traffic flow of a network or a targeted server. It sends a tremendous amount of Internet traffic, due to which a network or service becomes inaccessible by any legitimate user. Thus, it gets compromised.
DDoS is a distributed attack. It means that it targets multiple devices with a malicious script- making them the sources of traffic.
History of DDoS
- The very first large-scale attack of DDoS took place in July 1999.
- An adversary used a tool named Trin00 for distributing the computer network of the University of Minnesota for two days.
- The infection affected about 114 computer systems. As a result, they sent the data packets to the website of the University.
- After some time, multiple websites like Amazon, Yahoo, CNN, and more became the new victims of this DDoS attack.
How Does a DDoS Attack Take Place?
- The attacker performing this attack needs to gain control over the systems in a network first. They can do so by infecting them using malicious scripts.
- Each system, after being compromised, is called a bot. All the bots collectively constitute a group of compromised systems called the botnet.
- The attacker has full control over this botnet. They can send updated instructions to all these compromised systems at the same time.
- The bots start sending an immense amount of data packets to the target IP. As a result, there’s an overflow of capacity, and it shuts down.
- As a result, a legitimate user becomes unable to access the service.
- Since every bot working in this attack is also a legitimate internet device, the compromised service cannot identify them as malware.
- It is very difficult to differentiate fake traffic from normal traffic. Thus, it is very tricky to identify a DDoS attack on a network.
Types of DDoS Attacks
- Application-Based Attacks – It is one of the most challenging attacks to identify. The attacker needs to exploit the weaknesses in the protocol stack’s layer 7. On reaching the application layer, the attack does not focus on the network itself. It focuses on the CPU or memory. The goal here is to take down a website or an online application. Some examples include Cache bypass, HTTP floods, and server attacks on DNS.
- Volume-Based Attacks – Here, an attacker tries to consume the bandwidth and overload it between the Internet and the target service (or server). They can do so by using the botnet for sending a massive amount of data packets. As a result, it creates congestion that renders the service inaccessible to the concerned users. Some examples include ICMP floods, UDP floods, DNS amplification, and ping floods.
- Protocol-Based Attacks – In this case, the attacker attacks and exploits weaknesses in layers 3 and 4 of the OSI (Open Systems Interconnection) model. This cyberattack consumes the processing capacity of the intermediate and target services along with any other network hardware such as firewalls- thus causing network disruption. Some examples include Ping of Death, SYN flood.
Consequences/Disadvantages of a DDoS Attack
- Loss in productivity – A company’s productivity comes to a halt due to a DDoS attack. It is due to the shutting down of the company’s critical network systems.
- Reduction in turnover – If the attack occurs on a website, such as an e-commerce platform, the services become unreachable. No transactions are possible- resulting in a great loss.
- Damages Brand Reputation – After the attack, a website takes much more time to load. The users may shift to another platform, in this case, for getting similar services. Also, the visitors will consider the website to be less trustworthy, and it will become unreliable.
- DDoS attacks fall under the category of cybercrime in a lot of countries. They are illegal.
- An attacker, when caught, can be put up in jail for about ten years, or they may need to pay a hefty amount as compensation.
Keep learning and stay tuned to get the latest updates on GATE Exam along with GATE Eligibility Criteria, GATE 2023, GATE Admit Card, GATE Syllabus for CSE (Computer Science Engineering), GATE CSE Notes, GATE CSE Question Paper, and more.