Cybersecurity

Dos and Ddos Attack

By
Gowtham Manivel
 Dos Attack

A DoS (Denial of Service) attack is a kind of cyber attack designed to

disrupt the normal functioning of a website or network by overwhelming it
with traffic. A DoS attack gets launched from a single device or different
devices that intend to exhaust the resources of the target website or
network, making it unavailable to legitimate users.
 Types of Dos Attacks

● Browser Redirection
● Closing Connection
● Data Destruction
● Resource Exhaustion
Browser Redirection

Browser Redirection occurs when someone tries to reach a webpage, but

another page with a different URL opens. Only the directed page is visible,
as the hacker diverted the original page to another webpage.

Closing Connection

After sealing the connection, no communication gets established between

the sender (server) and the receiver (client). Here the hacker prevents the
user from accessing resources.
Data Destruction

Data Destruction occurs when the hacker destroys the resource by making it
unavailable for usage. Resources get deleted, or the hacker might overwrite
the data.

Resource Exhaustion

Resource Exhaustion occurs when the hacker frequently demands

admission to a resource and overloads the web application, which slows
down and finally crashes. Therefore, the user fails to access the webpage.
 Ddos attack

A DDoS (Distributed Denial of Service) attack is also a kind of

cyber attack designed to disrupt the normal functioning of a
website or network by overwhelming it with traffic. DDoS attacks
involve various devices, often compromised by malware, that
work together to launch the attack.
 Types of Ddos Attacks

● Volume/Network based Attacks

● Protocol based Attacks
● Application based Attacks
● Fragmentation Attacks
Volume/Network based Attacks

Volume/Network-Based attacks focus on jamming the available bandwidth for

the server by cutting the supply short.

Example – ICMP Requests and UDP Floods.

Protocol based Attacks

Protocol Based attacks consume vital resources of the target server and
exhaust the load balancers and firewalls that protect the system against
DDoS attacks.

Example – SYN Floods

Application based Attacks

Application-Based attacks target applications and operating systems. They

prevent applications from providing the required data to users by hogging the
network to the point the system crashes.

Example – HTTP flooding and BGP hijacking.

Fragmentation Attacks

Fragmentation attacks involve a hacker who transmits web requests in

fragments, slower than usual. On getting Stuck with a single fragment request, a
system fails to function, ending up crashing.

Example – Teardrop attacks and ICMP flooding.

Differences between Dos and Ddos Attacks
Dos Attack Ddos Attack

● A DoS attack involves a single ● A DDoS attack involves various devices, often
device or more devices. compromised by malware, working together to
launch the attack.

● DoS attacks are not so ● DDoS attacks are typically more sophisticated
sophisticated and can not cause and can cause more damage as they involve
much damage to the devices. many devices and a volume of traffic.

● DDoS attacks are more difficult to block, as

● DoS attacks are easy to block, as
the traffic comes from multiple sources.
the traffic comes from a single
source.
 Dos Attack Ddos Attack

● DoS attacks are easier to mitigate, ● DDoS attacks are hard to mitigate, as the
as the attack does not get attack gets distributed across a large number
distributed across different of devices.
devices.

● DDoS attacks are typically more costly to

● DoS attacks are not very costly to defend against as they require more advanced
defend against as they do not security measures.
require advanced security
measures.
● DDoS attacks can be more difficult to detect,
● DoS attacks can be detected as the traffic appears to come from multiple
easily, as there is less traffic. legitimate sources.
 Dos Attack Ddos Attack

● DoS attacks can be prevented ● DDoS attacks can be more difficult to prevent,
easily, as they do not involve as they often involve compromised devices
compromised devices. that are not controlled by the victim.

● DoS attacks are not very

● DDoS attacks are typically more disruptive, as
disruptive.
they involve a large volume of traffic that can
overwhelm the target website or network .
● DoS attacks are easier to recover
from.
● DDoS attacks can be more difficult to recover
from, as the attack may last for a longer
period.
 Dos Attack Ddos Attack

● DoS attacks can result in lost ● DDoS attacks can result in lost revenue,
revenue and damaged damaged reputation, and increased costs for
reputation. security and recovery.

● DOS attacks can be identified ● DDoS attacks can be more difficult to

and located effortlessly, as the prosecute, as the attackers may be difficult to
attackers are in the same place. identify and locate.

● DoS attacks often require less ● DDoS attacks often distract or divert attention
attention than DDoS attacks. away from other malicious activities, such as
data theft or ransomware attacks.
 Dos Attack
● DoS attacks can be motivated
by diverse reasons, like
revenge, prestige harm, and
ransom.
● DoS attacks can get launched
from one specific location, as
the devices used to carry out the
attack are located at the same
place.
Ddos Attack
● DDoS attacks can be motivated by a
variety of reasons, like political activism,
extortion, and competition.
● DDOS attacks can get launched from any
location, as the devices used to carry out
the attack can be located anywhere in the
world.
 Similarities between Dos & Ddos Attacks
● Both disrupt the routine functioning of a website or network by
overwhelming it with traffic.
● Both aim to deplete the resources of the target website or
network, making it inaccessible to legitimate users.
● Both can cause damage to the victim, such as lost revenue,
damaged reputation, and increased costs for security and
recovery.
● Both can have severe outcomes for the victim, including
financial loss, legal penalties, and harm to reputation.
● Both can be launched using various methods, including
botnets, malware, and mocked IP addresses.
 Similarities between Dos & Ddos Attacks
● Both can be challenging to detect and prevent, as they
often involve traffic that appears to be coming from
legitimate authorities.
● Both can be difficult to mitigate and recover from, as
they may last longer and require refined safety
measures.
● Both can be motivated by diverse reasons, including
political activism, extortion, and competition.
● Both can get launched from any location.
● Both can be charged under cybercrime laws if the
attackers get recognised.
 More Dangerous, Dos or Ddos?

● DoS and DDoS attacks can have severe consequences for

the victim, such as monetary loss, legal penalties, and
damage to prestige. One must protect against both by
implementing security measures such as firewalls, intrusion
detection systems, and load balancers.

● DDoS attacks are generally more cultivated and can cause

more damage than DoS attacks, as they involve various
devices and traffic.
 Measures
● Both Dos and Ddos attacks are dangerous for our System and Network.
Hence proper security measures must be taken to prevent such Dos and
Ddos attacks.

● We can place the COmputation resources like data,etc behind Content

Distributed Networks (CDN’s) or Load Balancers and restricting direct
Internet traffic to certain parts of the infrastructure like the database
servers.

● Cloudflare services are best example to prevent from Ddos Attacks