IP data source: The Zettabyte Era: Trends and Analysis

The past decade has witnessed a steady growth in the peak size of DDoS attacks, especially in 2013 when the reflection method was used by attackers on a large scale and the DDoS attack size expanded at an exponential rate. Meanwhile, the compound annual growth rate (CAGR) of global IP traffic stands at over 20%. The size of DDoS attacks virtually coincides with that of global network traffic. In essence, network attack and defense capabilities have iterated along with the evolution of the Internet architecture, technologies, and infrastructure, and with constant inputs. Naturally, with such evolution of resources and technologies as well as the growing scale and value of potential targets, cyber criminals are capable of and interested in launching increasingly massive attacks to garner more profits. As one of the biggest threats in the cybersecurity domain, DDoS has followed a trend of explosive growth, which is an inevitable byproduct of Internet development.

The profit-seeking nature of the black industry chain of DDoS has a direct bearing on the size of DDoS attacks, as seen in DDoS attacks for cryptomining that are rampant when cryptocurrency prices soar. Predictably, it is an irreversible trend that DDoS, as a regular weapon useful for hacking groups, will continue to grow rapidly in size. Money-driven DDoS attackers, whose activities are affected by governance policies, will see more clearly who and how to attack. In other words, they will employ more effective methods to accurately hit targets and will have more options of evasion to maximize their illegal gains.

1.2 Evolution of DDoS Attack Techniques

1.2.1 Internet Technologies

DDoS attack techniques keep evolving because of the emergence and maturity of critical Internet technologies. These critical technologies give rise to a connected world in which people can communicate with one another conveniently and at the same time are relying more and more on the Internet. On the one hand, such a reliance makes networks, services, and hosts ideal targets for hacking groups, which can garner handsome profits by taking down these facilities. On the other hand, the technological development provides continuous technical input to the black industry chain, leading to fast iteration of attack techniques. In addition, when the infrastructure of the Internet, which has grown at an unexpectedly fast pace, was first designed, security was not given much consideration, leaving many security hazards. With the booming of the Internet, these security hazards have rapidly turned into vulnerabilities that are gradually exploited by money-driven hacking groups.

The preceding figure is a timeline showing when various technologies emerged and the development trend of the Internet that is represented by much talked-about techniques and terms. These keywords, to a great extent, present a big picture of the technical environment and industrial environment of cyberattacks and defenses. For the connections between the development of DDoS attack techniques and these keywords, see the following sections.

DDoS Attack Methods

According to a rough estimate, there are nearly 40 DDoS attack methods, indicating that underground cyber attackers have tried every means to exploit vulnerabilities in the network architecture, network protocols, and service facilities.

From the perspective of the Open Systems Interconnection (OSI) model, DDoS attacks are divided into application-layer attacks, transport-layer attacks, and network-layer attacks. Application-layer attacks are mainly for the purpose of exhausting service resources. HTTP floods are a typical example of such attacks. Transport-layer attacks include SYN flood, ACK flood, and UDP flood attacks. Network-layer attacks are mainly ICMP floods.

From the perspective of attack vectors, DDoS attacks are divided into direct attacks (various flood attacks such as SYN flood mentioned above) and reflection attacks. In a reflection attack, the perpetrator starts with requests that use the spoofed IP address of the intended victim as the source IP address, thus diverting response packets of the request services to the victim. The number of response packets is generally multiple times that of request packets. Therefore, this type of attack is also known as reflective amplification attack. Examples of reflection attacks are DNS reflection and SSDP reflection attacks.

Since its emergence, the TCP/IP protocol family has contributed a lot to the availability and robustness of networks for communication and directly accelerated the adoption of the Internet. However, at the time of protocol and architecture design, no effective governance and authentication mechanisms were deployed, thus exposing their vulnerabilities to attackers.
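From the defender's side, the reflection attacks described above appear as DNS or SSDP responses that the protected host never asked for. The following added example (not part of the original report) flags them in flow records; the record layout, the 5-second window, the reflector threshold, and the sample addresses are assumptions made for illustration.

```python
from collections import defaultdict

# UDP services the text names as reflection vectors, keyed by response source port.
REFLECTION_PORTS = {53: "DNS", 1900: "SSDP"}
WINDOW = 5.0  # seconds a response may trail its request (assumed value)

def find_reflection(flows, protected_ips, min_reflectors=3):
    """Summarise unsolicited DNS/SSDP responses aimed at protected hosts.

    flows: UDP records (ts, src_ip, src_port, dst_ip, dst_port, nbytes), sorted by ts.
    Returns {(victim, service): {"reflectors": count, "bytes": total}}.
    """
    requests = {}  # (client, client_port, server, server_port) -> time of last request
    hits = defaultdict(lambda: {"reflectors": set(), "bytes": 0})
    for ts, src, sport, dst, dport, nbytes in flows:
        if src in protected_ips and dport in REFLECTION_PORTS:
            requests[(src, sport, dst, dport)] = ts  # genuine outbound query
        elif dst in protected_ips and sport in REFLECTION_PORTS:
            asked = requests.get((dst, dport, src, sport))
            if asked is None or ts - asked > WINDOW:
                # No matching request: the request was sent by someone else
                # with the victim's address as its source.
                entry = hits[(dst, REFLECTION_PORTS[sport])]
                entry["reflectors"].add(src)
                entry["bytes"] += nbytes
    return {
        key: {"reflectors": len(v["reflectors"]), "bytes": v["bytes"]}
        for key, v in hits.items()
        if len(v["reflectors"]) >= min_reflectors
    }

# Constructed sample using documentation address ranges, not captured traffic.
SAMPLE = [
    (0.0, "192.0.2.10", 40000, "198.51.100.53", 53, 70),    # host's own DNS query
    (0.1, "198.51.100.53", 53, "192.0.2.10", 40000, 180),   # matching answer: solicited
    (1.0, "203.0.113.1", 53, "192.0.2.10", 31337, 3000),    # unsolicited DNS responses
    (1.0, "203.0.113.2", 53, "192.0.2.10", 31337, 3100),
    (1.1, "203.0.113.3", 53, "192.0.2.10", 31337, 2900),
    (1.2, "203.0.113.4", 1900, "192.0.2.10", 31337, 320),   # a single SSDP response
]

if __name__ == "__main__":
    for (victim, service), stats in find_reflection(SAMPLE, {"192.0.2.10"}).items():
        print(victim, service, stats)
```

The reflector threshold keeps a single stray response from raising an alert; lowering it trades fewer missed events for more noise.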