This paper contains the summary of research conducted into the mechanisms, effects, and means of addressing denial of service attacks (abbreviated as DOS attacks) and distributed denial of service (abbreviated as DDOS attacks). These attacks can render websites, servers, computers networks, and individual terminals useless for the duration of the attack.
¶ … DDOS Attacks
Computers, computer networks, and the Internet are not only a part of daily life for most individuals in the developed world, but are also an essential element of businesses, governments, and other organizations large and small. The variety and virulence of attacks that can be carried out on organizational websites, computers, and networks is a matter of pressing concern, and is something that it would behoove most individuals to understand at least a little something about. The following paragraphs present a summary of research into one common type of attack, a denial of service or DOS attack, which can also be called a distributed denial of service attack depending on how it is carried out. Understanding how these attacks are carried out and what their aims and effects can be is the first and most important step in combating them, and this research aims to provide such an understanding.
Research Summary
As mentioned above, denial of service attacks and distributed denial of service attacks (DOS attacks hereafter) can take place in a variety of settings and by a variety of means, including over local computer networks and over the Internet, affecting networks as a whole, websites, and even individual and specific terminals or servers (Roebuck, 2005; Cross, 2008). In most scenarios a DOS attack will not cause direct lasting damage in the way that a viral attack or other destructive attack might, but instead it renders the target of the attack essentially unreachable or inoperable (Roebuck, 2005). How this is accomplished is surprisingly simple.
At its most basic, a DOS attack keeps a sever (where a website is stored), computer terminal, or computer network busy with too much traffic or input so that it cannot communicate with legitimate users properly and thus service is denied -- thus the name of the attack (Roebuck, 2005; Cross, 2008). An Ethernet network provides one of the easiest settings in which to understand the mechanism by which a traffic overload causes a service interruption, but this same basic mechanism holds true in one form or another in all DOS attacks. Ethernet networks are set so that communications between terminals happen one at a time, and if two simultaneous communications occur both stop and a repeated attempt to communicate is made at a random interval of time later (Roebuck, 2005). A DOS attack on an Ethernet network would only need find a way to send continuous messages without interruption, and the network would be rendered unusable by anyone with a legitimate interest (Roebuck, 2005).
Things are both harder and easier for the would-be DOS attacker using the Internet. Internet-based DOS attacks can more easily be distributed, meaning there can be multiple machines (often hundreds or thousands, some of them "enslaved" through viruses) sending communications to a particular website -- or technically, to the server on which the site is stored -- that simply overload the server's capacity and could cause it to crash or simply to provide communications that are too slow to be intelligible (Roebuck, 2005; Cross, 2008; Raghavan & Dawson, 2011). The possibilities and the distance involved make Internet DOS attacks more complex, but with the proper know-how they can be easier to achieve consistently for attackers (Roebuck, 2005).
Preventing DOS attacks can be all but impossible, especially in an Internet setting, but taking steps to ensure that a website/server can easily recover from a DOS attack and restore reliable service to users can help reduce the likelihood of that being targeted -- if the attack cannot have much of an effect, it isn't worth much effort (Vaughan-Nichols, 2010). In order to accomplish this, a consistent recommendation among it security experts is to have the latest and greatest technologies and services available, from hosting services to network gateways and firewalls and whatever other pieces of hardware and software architecture are involved in keeping a website live or a network running (Vaughan-Nichols, 2010; Schwartz, 2012). This, combined with planning that includes back-up means of serving consumer/business needs and an understanding of the lack of control when it comes to confronting DOS attacks, are some of the best weapons available (Schwartz, 2012).
You’re 87% through this paper. Sign up to read the full paper.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.