Types of DDoS Attacks and the Techniques Used
There are several types of Distributed Denial of Service (DDoS) attacks, each employing different techniques to overwhelm a target system or network. Here are some of the most common types of DDoS attacks, along with their characteristics:
Volumetric Attacks:
Volumetric attacks aim to flood the target's network bandwidth with a high volume of traffic, causing it to become overwhelmed and unavailable.
Attackers utilize botnets or amplification techniques to generate massive amounts of traffic. Examples include UDP floods and ICMP floods.
TCP State-Exhaustion Attacks:
TCP state-exhaustion attacks exploit the stateful nature of TCP connections to exhaust server resources, rendering them unable to handle legitimate connections.
Attackers flood the target with incomplete TCP connections or manipulate TCP handshakes, such as SYN floods or ACK floods, to consume server resources.
Application Layer Attacks:
Application layer attacks focus on targeting vulnerabilities in the application or service running on the target system, consuming its resources and causing disruptions.
Attackers send a large number of requests to specific parts of the application, overwhelming the server's processing capabilities. Examples include HTTP floods, Slowloris attacks, or DNS amplification attacks.
Reflection/Amplification Attacks:
Reflection attacks involve utilizing legitimate third-party servers to reflect and amplify the attack traffic, making it more challenging to trace the source.
Attackers spoof the source IP address of their requests, making them appear as if they are originating from the target. The responses from the third-party servers are then directed toward the target, overwhelming its resources. Examples include DNS amplification attacks and NTP amplification attacks.
IoT-Based Attacks:
IoT-based attacks leverage vulnerable Internet of Things (IoT) devices to form botnets, which are then used to launch DDoS attacks.
Compromised IoT devices, such as cameras or routers, are harnessed to generate attack traffic. The large number of vulnerable IoT devices makes these attacks particularly potent. An example of an IoT-based attack is the Mirai botnet.
Resource Depletion Attacks:
Resource depletion attacks aim to exhaust critical resources on the target system, causing performance degradation or service unavailability.
Attackers focus on consuming specific resources, such as CPU, memory, or disk I/O, by overwhelming them with a large number of requests or malicious traffic.
It's important to note that attackers can combine different attack techniques to launch multi-vector or hybrid DDoS attacks, making them even more challenging to mitigate. Organizations must employ a combination of proactive security measures, such as traffic filtering, rate limiting, and DDoS mitigation services, to effectively defend against these various types of DDoS attacks.
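The following added example is not part of the original article. It sketches how a defender could recognize several of the vectors described above (SYN flood, DNS/NTP reflection, HTTP flood) within a single window of inbound flow records, which is the situation a multi-vector attack creates. The flow-record field names, the thresholds and both sample windows are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

REFLECTOR_PORTS = {53: "dns", 123: "ntp"}  # amplifier services named in the article

def classify_window(flows, min_syn=1000, syn_ratio=3.0, min_reflectors=50,
                    min_reflect_bytes=1_000_000, max_conns_per_client=200):
    """Return the DDoS vectors visible in one window of inbound flow records.
    Thresholds are illustrative assumptions; derive real ones from a baseline."""
    findings = set()
    syn, ack = Counter(), Counter()          # packets per destination port
    refl_hosts, refl_bytes = defaultdict(set), Counter()
    web_conns = Counter()                    # established web flows per client
    for f in flows:
        if f["proto"] == "tcp":
            if f["flags"] == "S":            # only a SYN seen: handshake never completed
                syn[f["dport"]] += f["pkts"]
            elif "A" in f["flags"]:          # cumulative flags include an ACK
                ack[f["dport"]] += f["pkts"]
                if f["dport"] in (80, 443):
                    web_conns[f["src"]] += 1
        elif f["proto"] == "udp" and f["sport"] in REFLECTOR_PORTS:
            name = REFLECTOR_PORTS[f["sport"]]   # reply traffic from a reflector
            refl_hosts[name].add(f["src"])
            refl_bytes[name] += f["bytes"]
    # TCP state exhaustion: on some port, SYNs far outnumber completed handshakes.
    if any(n >= min_syn and n > syn_ratio * ack[p] for p, n in syn.items()):
        findings.add("syn_flood")
    # Reflection/amplification: many distinct reflectors sending large replies.
    for name, hosts in refl_hosts.items():
        if len(hosts) >= min_reflectors and refl_bytes[name] >= min_reflect_bytes:
            findings.add(name + "_reflection")
    # Application layer: a single client opening an abnormal number of web flows.
    if any(n > max_conns_per_client for n in web_conns.values()):
        findings.add("http_flood")
    return findings

def flow(src, sport, dport, proto, flags, pkts, size):
    return {"src": src, "sport": sport, "dport": dport, "proto": proto,
            "flags": flags, "pkts": pkts, "bytes": size}

# Constructed sample windows (RFC 5737 documentation addresses, invented counts).
NORMAL = [flow(f"198.51.100.{i}", 40000 + i, 443, "tcp", "SA", 20, 15000)
          for i in range(1, 60)]
MULTI_VECTOR = NORMAL + (
    [flow(f"203.0.113.{i}", 1024 + i, 25, "tcp", "S", 40, 2400) for i in range(1, 101)]
    + [flow(f"192.0.2.{i}", 53, 33000 + i, "udp", "", 30, 90000) for i in range(1, 81)]
    + [flow("198.51.100.200", 50000 + i, 443, "tcp", "SA", 6, 900) for i in range(300)])
```

Calling `classify_window(MULTI_VECTOR)` reports all three vectors at once, while `classify_window(NORMAL)` returns an empty set. The SYN check is evaluated per destination port so that legitimate established traffic on another port does not mask a flood.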