Semalt: Categories Of Denial of Service (DoS) Attacks

DoS attacks are a malicious attempt to make your servers or network resources unavailable temporarily or permanently. Hackers achieve this task by performing different services. As a result, they can suspend or interrupt your accounts for a lifetime. The Denial of Service attacks usually involves a range of compromised machines used to target new computer and mobile devices. These machines cause various vulnerabilities and flood the target resources with continuous requests, queries, and unwanted messages. The DoS attacks can impact your devices greatly and are often executed as botnets.

Andrew Dyhan, the Semalt Customer Success Manager, says that DoS attacks are divided into two different categories:

1. Application layer DoS attack

This type of DoS attack includes HTTP floods, zero-zay assaults or slow attack (Slowloris or RUDY). This DoS attack aims to cause problems for a large number of operating systems, communication protocols, and web applications. They seem to be innocent and legitimate, and the requests look reliable, but their magnitude is measured in the form of requests per second. This DoS attack aims to overwhelm the targeted applications with plenty of requests, causing high memory and CPU usage. It will eventually hand or crash your computer applications.

2. Network layer DoS attack

The network layer DoS attack consists of UDP flood, SYN flood, NTP amplifications, DNS amplification, SSDP amplifications, and IP fragmentations. These are all high-end barrages and are measured in gigabits per second. They are also measured in the form of packets per second and are always executed by the zombie computers or botnets.

How do the DoS attacks spread?

The cybercriminals seek to infect and control hundreds to thousands, even millions of smartphones and computers. They want to act as the masters of zombies or botnet networks and deliver the Distributed Denial of Service (DDoS) attacks, large spam campaigns, and other cyber-attacks. In some circumstances, the cybercriminals establish a giant network of zombies and infected machines to access new networks and devices, either as outright sales or on the rental basis. The spammers might rent and buy the networks to operate large-sized spam campaigns.

DoS botnets and their tools:

The creator of the botnet is called a bot herder or botmaster. He or she controls the DoS bots from remote locations and assigns some tasks to them on a daily basis. The botmasters communicate with the DoS server via hidden channels such as innocuous protocols, HTTP websites and IRC networks. He/she may also use social media sites like Twitter, Facebook, and LinkedIn to get in touch with others.

The botnet servers can easily communicate or cooperate with the DoS networks and other botnet servers, creating an effective P2P network which is controlled by a single or multiple bot experts. It means anyone cannot give instructions to a network of DoS as the attacks have multiple origins and only hackers know about their origin. The DoS bots remain hidden behind the ambiguous services and pretend to provide their customers with high-profile toolkits, which are actually good for nothing.