Denial of Service Attack and Distributed Denial of Service Attack (abbreviated form; DoS for former and DDoS for latter) are almost the same things. Sometimes a DDoS attack is put into the records as a subcategory of a DoS attack under certain circumstances and other times it is seen as an independently functioning entity. Their functionalities are similar and the only thing distinguishing them is only one simple feature.
Both of these attacks are carried out by a remote device operated by hackers and if the attack comes from a single device, it is DoS. In the case of DDoS, the target is not attacked from one master computer but an entire network controlled by it. This network consists of all the computers infected with a similar kind of malware which is called a Botnet. In the attack, the targeted computer's internet portal is flooded with data traffic by sending endless connection or communication requests causing it to shutdown. An average attack lasts from 15 – 20 hours.
Four most common layers of the Open Systems Interconnection (OSI) Reference Model to be targeted under this attack are:
• Layer 7 (Application Layer)
• Layer 6 (Presentation Layer)
• Layer 4 (Transport Layer)
• Layer 3 (Network Layer) Even though it is very difficult and nearly impossible to prevent such a large scale attack there are solutions that can be applied to minimize the impact of it before it can be removed from your system altogether.
• The more vulnerable a device is, the more it is open to attacks, therefore, the area of possible attack should be protected by changing the flow of traffic coming in the device. It ensures that the area doesn’t come in contact with unnecessary data or files that may be carrying any kind of malware or virus. Use of firewalls may be effective in this case.
• Other than anti-malware software, hardware devices are also an option to detect DDoS.
• Server and bandwidth play a major role in the protection of a system since they can be optimized to handle heavy traffic from the network.
• By employing Content Distribution Networks and Smart Resolution Services in a device, an extra layer in the structure is deployed through which the applications and resources can be accessed which the authentic user on the user end cannot.
• There are some new technologies available in the market that provides protection by doing more than rate limiting. It can authorize the traffic to flow in only when it has made sure it is legitimate by analyzing data packets