DDOS ATTACK
NAME P CHAKRADHAR
REGD NO. 2101204037
22.11.2024
WHAT IS DISTRIBUTED DENIAL OF SERVICE ATTACKS
A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.
DDoS Duration: not defined
Targets: Game industries, banks, news websites
The average DDoS attack is about 50 Gbps
HOW DDOS ATTACKS WORK
Multiple Systems and Botnets:
• Botnets: Attackers control a network of compromised devices (botnets) to generate massive amounts of traffic.
• Sources: These devices can include computers, IoT devices, and even mobile phones infected with malware.
Attack Vectors:
• Volumetric Attacks: Overwhelm the target’s bandwidth with high-volume traffic (e.g., UDP floods).
• Protocol Attacks: Exploit weaknesses in network protocols to exhaust server resources (e.g., SYN floods).
• Application Layer Attacks: Target the application layer by sending overwhelming numbers of requests, often with HTTP floods.
TYPES OF DDOS ATTACKS
Network or Volume-centric attack - 64%
Aim to consume the target’s bandwidth by flooding it with high traffic volume.
Examples: UDP Floods, ICMP (Ping) Floods.
Protocol attacks - 20%
Exploit vulnerabilities in network protocols to exhaust resources.
Examples: SYN Flood, Smurf DDoS, Ping of Death.
Application layer attack - 16%
Target the application layer (Layer 7) to exhaust server resources by mimicking legitimate user traffic.
Examples: HTTP Flood, Slowloris.
COMMON TARGETS OF DDOS ATTACKS
1. Large Corporations:
• Targets include financial institutions and large e-commerce platforms.
• Impact: Financial losses and service disruptions affecting thousands of users.
2. Government and Public Sector Websites:
• Often targeted by hacktivists to disrupt public services or make political statements.
• Impact: Loss of citizen services and public trust.
3. Gaming Servers:
• Online multiplayer games and gaming platforms are frequent DDoS targets.
• Impact: Service interruptions for players, reputation damage, and financial losses for gaming companies.
4. Small Businesses:
• Smaller organizations are increasingly targeted, often because of weaker defenses.
• Impact: Financial and reputational damage, potential data breaches.
IMPACT OF DDOS ATTACKS
1. Service Disruption:
• DDoS attacks can cause websites and services to go offline, making them inaccessible to legitimate users.
• Example: A popular e-commerce site experiencing downtime during a major sale.
2. Financial Losses:
• Downtime leads to lost revenue and additional costs for mitigation.
• Example: Financial institutions may lose thousands of dollars per minute of downtime.
3. Increased Security Costs:
• Organizations may need to invest heavily in stronger defenses, including advanced security infrastructure and third-party services.
• Example: Using cloud-based DDoS protection services incurs ongoing costs.
DDOS MITIGATION TECHNIQUES
1. Traffic Filtering:
• Purpose: Identifies and blocks malicious traffic before it reaches the target.
• Example: Firewall rules to filter out traffic from suspicious IP addresses.
2. Rate Limiting:
• Purpose: Limits the number of requests a user can make within a set period.
• Example: Throttling requests on login pages to prevent brute-force attacks.
3. Load Balancing:
• Purpose: Distributes traffic across multiple servers to prevent overload on a single server.
• Example: Using a Content Delivery Network (CDN) to spread traffic geographically.
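Added example (not part of the original slides): a per-client sliding-window rate limiter of the kind described under Rate Limiting, replayed over a constructed request log. The class and function names, the limit of 5 requests per 10 seconds, and the documentation-range IP addresses are assumptions chosen for illustration.

```python
from collections import defaultdict, deque

class SlidingWindowLimiter:
    """Allow at most `limit` requests per client in any `window_ms` span."""

    def __init__(self, limit, window_ms):
        self.limit = limit
        self.window_ms = window_ms
        self._hits = defaultdict(deque)  # client -> times of accepted requests

    def _expire(self, hits, now_ms):
        # Drop accepted-request timestamps that have aged out of the window.
        while hits and now_ms - hits[0] >= self.window_ms:
            hits.popleft()

    def allow(self, client, now_ms):
        hits = self._hits[client]
        self._expire(hits, now_ms)
        if len(hits) >= self.limit:
            return False  # over budget: reject (for HTTP, typically a 429)
        hits.append(now_ms)
        return True

    def sweep(self, now_ms):
        """Forget idle clients so state stays bounded when sources are many."""
        idle = []
        for client, hits in self._hits.items():
            self._expire(hits, now_ms)
            if not hits:
                idle.append(client)
        for client in idle:
            del self._hits[client]
        return len(idle)

def build_sample_log():
    # Constructed sample: one steady client, one client bursting 20 requests
    # in under a second and returning once at t = 11 s.
    normal = [(t, "198.51.100.7") for t in range(0, 10_000, 2_000)]
    burst = [(i * 50, "203.0.113.9") for i in range(20)] + [(11_000, "203.0.113.9")]
    return sorted(normal + burst)

def replay(log, limit=5, window_ms=10_000):
    """Return {client: (allowed, rejected)} for a time-ordered request log."""
    limiter = SlidingWindowLimiter(limit, window_ms)
    stats = defaultdict(lambda: [0, 0])
    for now_ms, client in log:
        stats[client][0 if limiter.allow(client, now_ms) else 1] += 1
    return {c: tuple(v) for c, v in stats.items()}

if __name__ == "__main__":
    print(replay(build_sample_log()))
```

The limiter keeps state per client, so in a flood from many sources the periodic `sweep` call is what keeps its own memory use from becoming a bottleneck.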
LEGAL AND ETHICAL CONSIDERATIONS
Legality of DDoS Attacks:
• Cybercrime: DDoS attacks are illegal in most countries,
treated as cybercrimes.
• Criminal Penalties: Offenders may face significant fines,
imprisonment, or both, depending on the severity and
jurisdiction.
Ethical Issues:
• Hacktivism: DDoS attacks are sometimes used by
activists to make political or social statements,
raising debates over ethics versus legality.
• Corporate Espionage: Competing businesses may
use DDoS attacks to harm each other, making ethics
a crucial point.
CASE STUDIES OF DDOS ATTACKS
1. GitHub Attack (2018):
⚬ Overview: GitHub experienced one of the largest DDoS attacks ever recorded, with traffic peaking at 1.35 Tbps.
⚬ Impact: The site was temporarily taken offline but quickly recovered due to a robust response with DDoS protection services.
⚬ Mitigation: Leveraged a global DDoS protection service to absorb the traffic spike.
2. Dyn DNS Attack (2016):
⚬ Overview: A massive DDoS attack targeted Dyn, a major DNS provider, causing widespread outages for sites like Twitter, Reddit, and Netflix.
⚬ Impact: Large parts of the internet were temporarily inaccessible for users in North America and Europe.
⚬ Cause: Attack originated from a botnet of IoT devices infected with the Mirai malware.
CONCLUSION
1. Summary of DDoS Attacks:
• DDoS attacks are a major cybersecurity threat that can disrupt services, cause financial losses, and harm reputations.
• Understanding the different types and impacts of DDoS attacks is crucial for effective prevention and response.
2. Importance of Preparedness:
• Organizations must invest in proactive defenses, including traffic filtering, rate limiting, and anomaly detection.
• Being prepared can minimize damage and ensure continuity of services during an attack.
3. Future Outlook:
• With the growth of connected devices, the potential for DDoS attacks will continue to increase.
• Ongoing developments in cybersecurity, including AI-driven detection and cloud protection, are essential to combat future threats.
THANK
YOU
