You can think you have the best computer security only to have your false sense of security taken away by matters beyond your control. Welcome to distributed denial of service (DDoS) attacks. What originally started as a single hacker overwhelming a server by sending way more traffic than it could handle has turned into an escalating war of multiple layers and dependencies, sent by groups and professional‐looking service providers. Today’s massive DDoS attacks often involve Internet‐connected home devices and send hundreds and hundreds of gigabits of malicious traffic per second. DDoS attacks are committed for many reasons, including revenge, exhortation, embarrassment, political purposes, and even gaming advantages.
There are many types of denial of service attacks. The following sections will explore some of the more prominent ones.
A denial of service (DoS) attack is when a single host attempts to flood a victim with overwhelming traffic to prevent or decrease wanted, legitimate transactions. The simplest and earliest of these were “ping floods,” where as many ICMP Echo (ping) packets were sent to a host as possible. These were replaced by TCP packet floods, which because of the resulting three‐packet handshake could generate more traffic. TCP floods were replaced by UDP floods because the source IP address’s connectionless state allows it to be spoofed, making UDP floods harder to trace and stop.
These simple types ...