Information system operators usually focus most of their attention on perimeter defense, that is, on preventing unauthorized access to network infrastructure, with the primary objective of preventing the disclosure of sensitive data. However, they often underestimate the threat that attackers can paralyze the operation of practically any Internet service.
The purpose of a Distributed Denial of Service (DDoS) attack is to disable selected online services by overburdening them with illegitimate requests. For this purpose, attackers use a large number of computers dispersed across the Internet, or "smart" devices connected to the Internet. All of this equipment has been compromised and is controlled by malicious code that gives the attackers full control over its activity.
The most common type of DDoS attack is the volumetric attack. Attacks of this type overload servers, or congest access lines or network devices (such as routers and firewalls), with fraudulent data traffic.
Lately, however, attacks on the application layer have also been on the rise. An application-layer attack is marked not by a significant increase in the volume of data transmitted but by an increase in incoming service requests. In this case, the attacker targets a known vulnerability of the target environment, and abusing it overloads or crashes the application server. In both cases, the attacker's aim is to deny service to legitimate online users.