Denial-of-service attack

Edit · View history

Denial-of-service attack (DoS attack) is a cyberattack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial-of-service attacks are typically accomplished by flooding the targeted machine or resource with redundant requests to overload systems and prevent legitimate requests from being fulfilled. A distributed denial-of-service (DDoS) attack occurs when multiple compromised computer systems attack a single target, thereby magnifying the scale of the attack.

Types

History

The first notable denial-of-service attack occurred in 1996 when a flood of SYN packets took down the Internet service provider Panix. In 2000, a 15‑year‑old known as "MafiaBoy" launched a series of DDoS attacks against major e‑commerce websites including Amazon, eBay, and Yahoo, raising public awareness of the threat. Since then, the frequency, size, and sophistication of DDoS attacks have increased dramatically, aided by the proliferation of insecure Internet of Things devices that can be recruited into botnets.

Mitigation

Defending against DoS attacks involves a combination of network architecture design, traffic filtering, rate limiting, and the use of DDoS mitigation services. Techniques include blackhole routing, scrubbing centers, and deploying content delivery networks that absorb excess traffic. No single method is foolproof, and organizations often employ multiple layers of defense.