9/25/2019
10:00 AM
Curtis Franklin Jr.

The Beginner's Guide to Denial-of-Service Attacks: A Breakdown of Shutdowns

DoS attacks come in many varieties (not just DDoS). This simple set of descriptions will help you understand how they're different - and why each and every one is bad.

Denial-of-service (DoS) is a basic cyberattack mechanism that prevents a victim from doing business by denying them access to their network, server, or customer. It's an attack concept so simple that many different variations have arisen on the single basic theme.

(image: Bits and Splits, via Adobe Stock)

These variations, like weeds rising up to choke a garden, arise to choke out the productive applications in an enterprise ecosystem. And, like weeds, there are many different varieties of these thorny, choking vines from the underworld ready to make your security life miserable.

It's important to know the different sorts of DoS attacks because they have different remedies. Just as different weedy plants can be dealt with in different ways, the counter-measures for DoS attacks are different depending on whether they target the network or applications, and precisely which method of attack they use.

One thing you might have noticed is that we've referred to DoS attacks rather than DDoS. The reason is that DDoS (Distributed Denial of Service) is a particular sort of DoS attack, one in which the attack comes from many different sources so that it's more difficult to defend against.

Whether distributed or from a single source, DoS attacks can be divided into three broad categories based on the part of the infrastructure under attack. First are application-layer attacks, which take aim at application servers or parts of the application software stack. Next come protocol attacks, which use one of the basic networking protocols, like ARP, SYN, or ping, to do their dirty work. Finally, there are the DoS attacks that are most widely assumed when people talk about DoS — the volumetric attacks that simply try to use sheer traffic volume of one sort or another to choke off access to a victim's network.

Before we head off into this rogues' gallery, one absence should be noted: You won't find a discussion of ransomware here. It's true that ransomware is, technically, a denial-of-service attack, since it denies the victim access to their own data. It has grown and expanded so much, though, that it deserves its own article, and it will have one.

In addition, it works in one way that's very different from the DoS attacks we'll discuss here: While all of these block customer access to applications and data, they don't alter the data or applications themselves. Ransomware, conversely, alters the files and systems in ways that prevent users from interacting with them. Ransomware affects the value of those files and systems to the user — and may also result in the destruction of those items. Each type of attack is damaging, but the differences make treating them separately worthwhile.

Let's take a look at these dangerous and irritating pests, with a special eye toward understanding how they differ and how defense should differ, as well.


Curtis Franklin Jr. is Senior Editor at Dark Reading. In this role he focuses on product and technology coverage for the publication. In addition he works on audio and video programming for Dark Reading and contributes to activities at Interop ITX, Black Hat, INsecurity, and ...

Comments
mauricioraul,
User Rank: Apprentice
9/27/2019 | 6:56:59 PM
Great article. Minor typo, just fyi
In addition to simply DoSsing themselves, companies can find a DoS attack on their application layer that comes in any of several flavors. One of the more insidious, and one that puts application layer DoS in a different category of attacks than the others to ba addressed, is called "low and slow."