DoS and DDoS attacks
A denial-of-service attack (DoS attack) is a cyberattack in which the perpetrator seeks to prevent users from accessing network or computer resources. Distributed denial-of-service attacks (DDoS attacks) are an evolution of DoS attacks and consist of intentionally sending large amounts of data to a target from different sources to prevent a user, a group of users or an organization from accessing a network resource.
What are the objectives of a network attack?
Network attacks aim to interrupt access to a specific network service (email, Internet connectivity or all network services). These attacks are normally intentional and malicious, but they can also occur accidentally. While they are not normally associated with theft of information, they can still be costly and time-consuming for the people or organizations affected.
The objective of a DoS attack could be, for example, to crash a Web server for a period of time. In the most extreme cases, millions of people could find themselves temporarily unable to access the network they are using. On other occasions, attackers could use this technique to destroy programs or files on a system.
How DDoS attacks work
DDoS attacks have been on the rise over the last few years. One of the most notorious examples of this type of threat took place at the end of October 2016, when a group of attackers launched a massive cyberattack that knocked out the websites of some of the biggest corporations on the planet, including Netflix, Twitter, Amazon and The New York Times.
Usually orchestrated using botnets (a legion of zombie computers that connect to the targeted server simultaneously), these attacks can cause serious damage to a company’s operations. They sometimes take advantage of the huge number of devices connected to the Internet of Things (IoT) to bombard the victim's server with millions of junk messages. This way, they can saturate the bandwidth of the attacked company, causing its computers to stop accepting any more incoming data requests.
Denial-of-service attacks are one of the most serious computer threats that companies face today, as hackers can use them to crash servers and demand a ransom for restoring access to them. Reinforcing corporate security and strengthening the protection against DoS attacks are the least you can do to improve system security and availability.
Big Data vs. DDoS attacks
Big Data analytics is becoming a highly effective tool to combat DDoS attacks. Big Data helps companies better understand the profile of their customers by capitalizing on the large quantities of data they store on them, instead of trying unsuccessfully to use a server to track large volumes of traffic across the network. In this regard, cloud-based Big Data systems enable more intelligent traffic analysis capable of detecting anomalies in real time.
Big Data makes it possible to detect DDoS attacks more accurately by tracking millions of IP addresses across network-wide traffic, monitoring for anomalous traffic using multiple data dimensions such as the source geography of the traffic, destination IPs, and common attack ports, and applying learning algorithms to automatically detect relevant destination IPs.
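The multi-dimensional check described above, as an added example (not code from the original page or from any product): it aggregates constructed flow records per destination IP by volume, distinct sources, source countries and traffic from an assumed list of common attack ports, then flags destinations that are outliers on several dimensions at once. A median/MAD outlier score stands in for the learning algorithms, and all names, addresses and thresholds are assumptions.

```python
from collections import defaultdict
from statistics import median

# Assumed "common attack ports": reflection replies from DNS, NTP, SSDP, memcached.
ATTACK_PORTS = {53, 123, 1900, 11211}

def profile(flows):
    """Aggregate flow records per destination IP across several dimensions."""
    agg = defaultdict(lambda: {"bytes": 0, "srcs": set(), "geos": set(), "atk": 0})
    for src, geo, dst, sport, nbytes in flows:
        a = agg[dst]
        a["bytes"] += nbytes
        a["srcs"].add(src)
        a["geos"].add(geo)
        a["atk"] += int(sport in ATTACK_PORTS)
    return {dst: {"bytes": a["bytes"], "sources": len(a["srcs"]),
                  "countries": len(a["geos"]), "attack_port_flows": a["atk"]}
            for dst, a in agg.items()}

def modified_z(value, population):
    """Median/MAD z-score: robust to the very outlier we are trying to find."""
    med = median(population)
    mad = median(abs(x - med) for x in population) or 1.0  # avoid divide-by-zero
    return 0.6745 * (value - med) / mad

def detect(flows, threshold=3.5, min_dims=2):
    """Return {dst: [outlier dimensions]} for destinations anomalous on >= min_dims."""
    prof = profile(flows)
    alerts = {}
    for dst, p in prof.items():
        hot = [d for d in p
               if modified_z(p[d], [q[d] for q in prof.values()]) > threshold]
        if len(hot) >= min_dims:
            alerts[dst] = hot
    return alerts

def sample_flows():
    """Constructed records: (src_ip, src_country, dst_ip, src_port, bytes)."""
    geos = ["US", "DE", "BR", "IN", "VN", "RU", "ID", "TR"]
    flows = []
    for d in range(1, 7):                      # six servers with ordinary web traffic
        for s in range(20 + d):
            flows.append((f"198.51.100.{s}", geos[s % 2], f"192.0.2.{d}", 443, 1500))
    for s in range(400):                       # reflection-like flood aimed at one server
        flows.append((f"203.0.113.{s % 250}", geos[s % 8], "192.0.2.3", 123, 4000))
    return flows

if __name__ == "__main__":
    print(detect(sample_flows()))
```

Requiring agreement across at least two dimensions keeps a single busy but legitimate server, such as one that is high on bytes only, from raising an alert.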