Scribd
Upload
152 views2 pages

Understanding DDoS Attacks & Prevention

Distributed Denial of Service (DDoS) attacks involve an attacker taking control of multiple compromised computers, called handlers, and using them to launch coordinated attacks against a target system, called the victim. The handlers overwhelm the victim with traffic to degrade its performance or disconnect it from the network. There are two main types of bandwidth exhaustion attacks - flood attacks where handlers send a large volume of traffic to the victim, and amplification attacks where an attacker uses the victim's IP address to trigger a much larger response directed at the victim. Effective detection and prevention of DDoS attacks requires understanding the techniques used, including how attackers identify and compromise handlers to remotely control large attack networks.

Uploaded by

neelakshijolly
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
152 views2 pages

Understanding DDoS Attacks & Prevention

Distributed Denial of Service (DDoS) attacks involve an attacker taking control of multiple compromised computers, called handlers, and using them to launch coordinated attacks against a target system, called the victim. The handlers overwhelm the victim with traffic to degrade its performance or disconnect it from the network. There are two main types of bandwidth exhaustion attacks - flood attacks where handlers send a large volume of traffic to the victim, and amplification attacks where an attacker uses the victim's IP address to trigger a much larger response directed at the victim. Effective detection and prevention of DDoS attacks requires understanding the techniques used, including how attackers identify and compromise handlers to remotely control large attack networks.

Uploaded by

neelakshijolly
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

Distributed Denial of service (DDoS)

Abstract

Distributed Denial of Service (DDoS) attacks processing capacity, or make the victim disconnected
are very powerful network attack that may harm the from the network. So the process starts from selecting
Internet resources. DDoS attackers set up the DDoS the machines that are less or weakly secured. The
attack network by breaking n numbers of computers. machines that are used to attack to victims system
These unaware computers are then launches are known as secondary victim and the machine
coordinated attack against victim systems. There are under attack is known as primary victim .The attacker
some specific solutions that are developed for can use as much secondary victims as much he need
preventing the network from this attack but attackers to make the primary victim down. more the secondary
are also enhancing the existing DDOS attack tools. victims more difficult to track down the original
Therefore it would be good to develop the complete attacker.
DDos solutions that gave protection from present n
future DDoS variants. However, one must have a According to the CIAC (Computer Incident Advisory
complete understanding of the techniques that are Capability), the first DDoS attacks take place in the
used in DDoS attacks. summers of 1999. In February 2000, the first major
DDoS attacks took place against Yahoo.com. This
This paper work will explain all about DDoS, how it attack kept Yahoo server off the Internet for about 2
attacks?, what are the type of attacks? And what are hours. Another DDoS attack occurred on October 20,
the various methods that can be used to prevent the 2002 against the 13 root servers that provide the
network from it? This will also explain about the Domain Name System (DNS) service to Internet
different type of techniques that are used in this users around the world. Although DDoS attack lasts
attack. This paper will help u to understand the for some hours but it can make disaster to the
difference and similarities in DDoS attacks and its internet.
tools. This paper work is planned to stimulate
research into effective detection mechanisms for This paper work includes the classification of different
DDoS attacks. DDoS attacks, tools ,and countermeasure. This paper
work will describe the setup techniques of DDoS
attack. Its architecture, the active and passive
Introduction methods. By classifying the different type of DDoS
attacks networks, technique and software tools. This
understanding can help to produce more effective
A denial of service attack can be classified as attacks
mechanisms that can be use as prevention from the
that prevent the genuine user from using the victim
DDoS attacks.
system. The DDoS attack involves n numbers of
computers over the network. Then attacker install
DDoS software on them. These machines then
control all the burgled machine to launch the
coordinated attack on the victim system. These
attacks basically put effects on bandwidth, router
DDoS attacks

The DDoS attacks involve hundreds or thousands of


machines all over the Internet. Then the DDoS
software installed on them by the attacker, these Types of DDoS attacks
machines which are also known as handlers control
all the burgled to launch the coordinated attack on the 3.1 Bandwidth exhaustion Attacks
victim system. These attacks then basically put the
bad effects on bandwidth, router processing capacity,
makes the victim disconnected from the network so There are two main types of DDoS bandwidth exhaustion
that it will be no longer reached by any genuine user. attacks. A flood attack, in which the zombies send large
quantity of traffic to a victim system that, obstructs the
Therefore the process starts from selecting the victim system’s communication Medias. An amplification
machines that are less or weakly secured. Then the attack, in which the attacker broadcast the victims ip
attacker installs the software on those machines to address over the network by sending a forged ICMP
hide the break-in fact and to hide the trace of their request messages and everyone one on the network start
following movements. Then the attacker installs a sending the request to the victim system. This process
particular program that is used to remote-control the
reduces the victim system bandthwidth.
burgled machine. And at the last , the machines that
have been taken over ,attacker make a address note
of them. All this process is highly automated.

Archictecture of DDoS

Attacker

Handlers

Victim

You might also like