Denial of Service

A Denial of Service (DoS) attack is a type of cyber attack that aims to make a system, network, or service unavailable to its intended users by overwhelming it with a flood of illegitimate requests or consuming its resources. This results in slowdowns, crashes, or complete service unavailability, disrupting normal operations.

DoS attacks typically involve sending large volumes of traffic to a target or Exploiting specific vulnerabilities to exhaust its resources, such as memory, CPU, or bandwidth. While DoS attacks are generally conducted by a single source, they can be scaled up through Distributed Denial of Service (DDoS) attacks, where multiple compromised devices (Botnets) are used to amplify the impact.

The purpose of a DoS attack is to disrupt normal service availability, causing downtime, financial losses, damage to reputation, and potentially distracting security teams from other attacks. DoS attacks are often used for malicious purposes, such as extortion, retaliation, or as part of broader attack campaigns.

DoS attacks can be carried out using various techniques, including flooding the target with TCP/SYN requests (SYN flood), Exploiting vulnerabilities to crash services (application-layer attacks), or consuming server resources with high volumes of requests (HTTP floods). To mitigate DoS attacks, organisations employ measures like rate limiting, web application Firewalls (WAFs), load balancers, and Distributed Denial of Service (DDoS) protection services that filter and block malicious traffic.

Examples of DoS attacks include SYN flood attacks that Exploit the TCP handshake process to overwhelm a server with connection requests, and HTTP flood attacks that send a high volume of requests to Web Servers to exhaust their resources. A DDoS attack using a Botnet of compromised devices, such as the Mirai Botnet, can target critical infrastructure and cause significant disruption.

Challenges in defending against DoS attacks include distinguishing legitimate traffic from malicious traffic, handling attacks that evolve over time, and preventing attackers from Exploiting new vulnerabilities. Effective DoS mitigation strategies involve a combination of network monitoring, traffic filtering, and scalable infrastructure to absorb attack traffic.