Types of DDoS attacks
To carry out a DDoS attack, attackers need a large number of computers or other suitable devices scattered across the Internet. In addition to large virtual machine farms, large-scale networks of so-called enslaved computers and various “smart devices” are used in attacks.
As with other cyber terrorist threats, DDoS attacks come in a number of variants. In general, they can be divided into several basic categories, according to the way attackers attempt to disable an online service.
The basic distribution of DDoS attacks
ACK Flood Attack
Attacks in this category abuse the properties of TCP acknowledgements (ACK). In practice, ACK or PUSH ACK packets are used once a TCP connection has been established, following the initial SYN, between the host server and the client.
Application Level Attack
As the name itself suggests, the aim of this attack is not the exhaustion of the transmission line capacity, but an attack on a specific application. This type of attack is also referred to as a Layer 7 DDoS Attack.
DNS Amplification Attack
This relatively sophisticated mode of attack uses so-called open resolvers, which are DNS servers that provide their services not only to users of their own network, but also to users located outside of it.
ICMP Flood Attack
Internet Control Message Protocol (ICMP) is one of the core Internet protocols. It is used to send various error messages or diagnostics. Its messages are unidirectional, and no authentication is used.
Multi-vector attacks are among the most complex and most dangerous attacks that can be found. Attackers use a combination of different tools and procedures to attack the application and network layer at once.
This type of attack threatens client-to-client systems where communication is not through the server but directly between users. This is typically a network where users share large amounts of data.
A Slowloris Attack is very inconspicuous, but all the more insidious. Minimal data traffic is enough for an attacker to disable any web server, even with the help of just one computer.
SYN Flood Attack
One of the most common and simplest attacks is a SYN Flood Attack. The purpose of this type of attack is to temporarily disable the functionality of a particular service, such as HTTP (website) or SMTP (e-mail).
Attacks from IoT devices
Attackers quickly learned how to use various dedicated devices connected to the Internet, the Internet of Things, for DDoS attacks as well. These devices are already an integral part of the life of modern households.
Zero-day attacks are those types of attacks that attempt to exploit a software vulnerability for which there is not yet any protection in the form of an update to the operating system or the specific software.