A DOS (denial-of-service) attack occurs when an attacker does something that prevents valid users from accessing computer systems, devices or other network resources.
DOS attacks typically flood servers, systems or networks with traffic in order to overwhelm the victim's resources and make it difficult or impossible for valid users to use them. Often an attack can be dealt with by simply restarting the system, but flooding attacks can be harder to recover from.
How to Recognise a DOS Attack
- Deterioration in network performance, especially when trying to open files stored on the network or when accessing websites
- Inability to reach a particular website
- Trouble accessing any website
- A higher than normal volume of spam email
Experts suggest a number of tactics for businesses to protect against a DOS attack, such as preparing an incident response plan in advance of any attack. As soon as a DOS attack is suspected, businesses should contact their ISP to determine whether the incident is a genuine DOS attack or a deterioration of performance caused by some other issue. The ISP can help mitigate the attack by rerouting malicious traffic and using load balancers to reduce its impact.
Businesses may also want to consider using DOS attack detection products. Some intrusion detection systems, intrusion prevention systems and firewalls offer DOS attack detection functions. Other options include engaging a backup ISP and using cloud-based anti-DOS services.
There have been instances where DOS attackers demand payment from victims in order to stop the attacks, but financial gain is not typically the motive behind this kind of attack. In many instances, the attackers want to harm the organization or individual targeted in the attack. In other cases, the attackers are just trying to disrupt the victim, inflicting the most damage or inconvenience on the greatest number of victims. When the perpetrator of a DOS attack is identified, the reasons for the attack may also be revealed.
Many notorious DOS attacks are distributed attacks, meaning the attack traffic is sent from several attack systems. DOS attacks coming from a single source can be easier to mitigate because defenders can block network traffic from the offending source. Attacks sent from multiple attacking systems are far harder to detect and defend against because it can be difficult to distinguish valid traffic from malicious traffic and to filter out malicious packets when they are sent from all over the internet.
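The contrast between single-source and distributed attacks described above, as an added Python example that is not part of the original notes: it counts requests per source in each time window over constructed sample traffic. The thresholds, function names and IP addresses (documentation ranges) are assumptions chosen for illustration.

```python
from collections import Counter, defaultdict

WINDOW = 60             # seconds per counting window (assumed)
PER_SOURCE_LIMIT = 100  # requests allowed per source per window (assumed)
TOTAL_LIMIT = 300       # requests per window the server can cope with (assumed)

def analyse(events):
    """events: iterable of (time_in_seconds, source_ip).
    Returns (sources_to_block, overloaded_windows)."""
    windows = defaultdict(Counter)      # window index -> requests per source
    for ts, src in events:
        windows[ts // WINDOW][src] += 1
    to_block, overloaded = set(), []
    for idx, counts in sorted(windows.items()):
        to_block |= {ip for ip, n in counts.items() if n > PER_SOURCE_LIMIT}
        if sum(counts.values()) > TOTAL_LIMIT:
            overloaded.append(idx)
    return sorted(to_block), overloaded

def verdict(events):
    to_block, overloaded = analyse(events)
    if not overloaded:
        return "normal"
    if to_block:
        return "overload, blockable source(s): " + ", ".join(to_block)
    # Many sources, each under the limit: counting alone cannot separate a
    # distributed flood from a surge of valid users, as the text notes.
    return "overload, no single source to block"

# Constructed sample traffic (documentation IP ranges, not real hosts).
NORMAL = [(t, f"198.51.100.{t % 20 + 1}") for t in range(0, 60, 3)]
# 600 extra requests in one minute, all from one address.
SINGLE = NORMAL + [(i // 10, "203.0.113.9") for i in range(600)]
# The same 600 requests spread over 200 addresses, 3 requests each.
DISTRIBUTED = NORMAL + [(i % 60, f"192.0.2.{i % 200 + 1}") for i in range(600)]

if __name__ == "__main__":
    for name, ev in [("normal", NORMAL), ("single", SINGLE),
                     ("distributed", DISTRIBUTED)]:
        print(name, "->", verdict(ev))
```

Both floods carry the same volume, but only the single-source one yields an address that a per-source rule can block.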
Types of DOS Attacks
In an amplified DNS DOS attack, the attacker generates crafted domain name system (DNS) requests that appear to have originated from the victim's network and sends them to misconfigured DNS servers managed by third parties.
Application layer attacks generate bogus traffic to internet application servers, especially DNS servers or HTTP servers. While some application-layer DOS attacks rely on flooding the application servers with network data, others rely on exploiting weaknesses in the victim's application server or in the application protocol itself.
A buffer overflow attack is a catch-all description commonly applied to DOS attacks that send more traffic to a network resource than the developers who built the resource ever expected.
In a DDOS attack, the attacker may utilise computers or other network-connected devices that have been infected by malware and made part of a botnet. Distributed DOS attacks, specifically those using botnets, use command-and-control (C&C) servers to control the actions of the botnet members.
The ping-of-death attack abuses the Packet Inter-Network Groper (ping) protocol by sending requests with huge payloads, causing targeted systems to become overwhelmed, stop responding to valid requests for service and possibly crash.