DoS (Denial of Service) or DDoS (Distributed Denial of Service) attacks are a way to make computational resources unavailable to legitimate users.
Although the methods used vary widely, these attacks are designed to make a web page or web service respond slowly or not at all. A DoS attack can be defined as an attack targeting the availability of a computer or computer network so that it can no longer provide the service for which it was created.
We can talk about a DoS attack when access to a computer or a network has been deliberately blocked or degraded by a user’s malicious action.
Most DoS attacks target network bandwidth or connectivity. In order to exhaust the bandwidth, the attacker creates a large data stream on the network so that a legitimate user can no longer use the network service because its resources become depleted.
An attack on connectivity is carried out by sending a large number of requests to a server so that it can no longer respond to legitimate users' requests, because its resources are consumed by the attacker's requests.
A DDoS attack (Distributed DoS) is an attack that uses multiple computers to launch a coordinated DoS attack on one or more targets.
Using a client/server pair, the attacker can significantly amplify the effectiveness of the DoS attack by capitalizing on the resources of many computers that are taken over without their owners' consent and used as attack platforms.
DDoS attacks are the most advanced form of DoS attack and rely on the architecture of the Internet.
Because the design of the Internet was geared towards functionality rather than security, it opens up several opportunities for DDoS attacks:
1. Internet security is strongly interdependent. DDoS attacks are launched through systems that have been compromised because of security problems. However secure the victim's system is, its resistance to a DDoS attack depends on the security of other Internet systems.
2. The power of many against the power of the few. Coordinated, simultaneous attacks by some participants will always be detrimental to others if the attackers' resources are greater than those of the victims.
3. Internet resources are limited. Any entity in the Internet (host, network, service) has a limited amount of resources, which are consumed by many users.
4. Information and resources are scattered. Most of the information needed to ensure the provision of a service is at terminal stations, limiting the level of processing in intermediate networks.
At the same time, the desire for a higher transfer rate has led to communication channels in intermediate networks being designed with very high bandwidth, while the terminal networks have only as much bandwidth as they need. Thus an attacker can use the bandwidth of an intermediate network to send a large number of messages to the victim.
5. Accountability is not enforced. The source address in IP packets is not validated, which allows attacks that forge the source address, such as the smurf attack.
6. Control is distributed. Internet management is distributed, and each network has its own security policy. It is impossible to impose a global security policy due to the confidentiality issues that may arise, so it is often impossible to investigate the behavior of traffic between networks.
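
Point 5 says the IP layer itself never validates the source address. As an added example (not part of the original text), the sketch below shows the check an edge network can apply on its own: drop any packet whose source address is not assigned behind the interface it arrived on. The interface names, prefixes and packet records are constructed for illustration.

```python
import ipaddress

# Constructed topology: prefixes legitimately assigned behind each edge interface.
ALLOWED_PREFIXES = {
    "cust-a": [ipaddress.ip_network("192.0.2.0/25")],
    "cust-b": [ipaddress.ip_network("198.51.100.0/24"),
               ipaddress.ip_network("2001:db8:b::/48")],
}

def source_is_valid(iface, src):
    """True only if src parses and lies inside a prefix assigned to iface."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # malformed address: never forward
    # Unknown interfaces have no assigned prefixes, so everything is rejected.
    return any(addr.version == net.version and addr in net
               for net in ALLOWED_PREFIXES.get(iface, []))

def filter_packets(packets):
    """Split packets into (forwarded, dropped) by source address validation."""
    forwarded, dropped = [], []
    for pkt in packets:
        target = forwarded if source_is_valid(pkt["iface"], pkt["src"]) else dropped
        target.append(pkt)
    return forwarded, dropped

# Constructed packet records (ingress interface, claimed source, destination).
PACKETS = [
    {"iface": "cust-a", "src": "192.0.2.10", "dst": "203.0.113.5"},       # assigned source
    {"iface": "cust-a", "src": "203.0.113.5", "dst": "198.51.100.20"},    # forged: not behind cust-a
    {"iface": "cust-b", "src": "2001:db8:b:1::7", "dst": "2001:db8:ffff::1"},  # assigned IPv6 source
    {"iface": "cust-b", "src": "192.0.2.10", "dst": "203.0.113.5"},       # cust-a's address seen on cust-b
    {"iface": "unknown0", "src": "198.51.100.9", "dst": "203.0.113.5"},   # interface with no assignment
]

if __name__ == "__main__":
    ok, bad = filter_packets(PACKETS)
    for pkt in bad:
        print("drop", pkt["iface"], pkt["src"])
    print(f"forwarded={len(ok)} dropped={len(bad)}")
```

Because of point 6, a network can only enforce this on its own edge; forged packets from networks that do not filter still reach the victim.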