Cyber-attacks have reached a tipping point in terms of quantity, length, complexity and targets. Read these short articles to get familiar with today’s most common types of DDoS attacks and tools and learn how to protect against these threats.
Necessity is the mother of invention. That certainly holds true in the world of cyber security. As security professionals have developed new defenses to attack vectors, hackers have developed new tools to counter the countermeasures. The result is a plethora of attack types that, depending on industry trends, rise and fall in popularity throughout the year. Based on research and surveys of over 300 worldwide organizations by Radware, this paper outlines the attack vectors that proved popular in 2015, and thus sheds light on what to expect in 2016.
The advanced persistent denial-of-service (APDoS) attack represents the very best of the worst. It is a clear and emerging cyber security threat that takes the finest that cyber assailants have developed in recent years and combines it into a multi-vector attack campaign that targets all layers of the IT infrastructure: network, server, and application.
Dynamic IP addresses are an effective way to defeat IP-based defense systems: attackers launch application-level attacks that originate from real, but dynamic, IP addresses. This paper outlines some of the most common variations of dynamic IP attacks, explores challenges in defending against them, and points to best practices for thwarting these attacks.
Just as the network security and hacking world is continually evolving, so too are the tools used to carry out distributed denial of service (DDoS) attacks. For example, DDoS tools such as Trinoo and Stacheldraht were widely used at the turn of the century, but these tools ran only on the Linux and Solaris operating systems.
Types of DDoS attacks that target server resources attempt to exhaust a server's processing capabilities or memory, with the aim of causing a DDoS security weakness. An attacker takes advantage of an existing vulnerability on the target server or in a communication protocol. The target server (a website, web application server, web application firewall, or intrusion prevention system) becomes so busy handling illegitimate requests that it can no longer handle legitimate requests.
SSL is a method of encryption used by various network communication protocols. Conceptually, SSL runs above TCP/IP, providing security to users communicating over other protocols by encrypting communications and authenticating communicating parties. SSL-based DoS attacks and DDoS attacks target the SSL handshake mechanism, send garbage data to the SSL server, or abuse functions related to the SSL encryption key negotiation process.
Low and slow attacks, unlike floods, do not require a large amount of traffic. Low and slow attacks mostly target application resources and sometimes server resources. By nature, these types of DDoS attacks are difficult to detect because they involve connections and data transfers that appear to occur at normal rates, making it challenging to implement web application security and DDoS attack mitigation strategies.