Business Guide
simplicable technology guide   »  security   »  a bleak future of ddos attacks

A Bleak Future of DDoS Attacks

        posted by , March 09, 2011

Distributed Denial of Service (DDoS) attacks have evolved — becoming more efficient by targeting higher level services.

Recent developments in technology have exposed vulnerabilities that may further enable DDoS attacks.

Classic DDoS Attacks

In the past, most DDOS attacks were TCP (Layer 4) attacks — designed to tie up TCP sessions, connections and resources.

Over time, networking equipment and anti-DDoS solutions evolved — today there are effective solutions for Layer 4 attacks.

DDoS Trends

Increasingly, DDoS attacks now target Layer 7 protocols such as HTTP.
ddos attack

Layer 7 DDoS

Layer 7 DDoS attacks are more efficient and difficult to defend against:

dos attack

Layer 7 DDoS Examples:
- requesting large files or objects that use up bandwidth
- requesting complex queries that tie up database connections
- manipulating HTTP headers to tie up web server connections
- exploiting vulnerabilities such as buffer overruns

The Future of DDoS

Today, most layer 7 DDoS attacks target the web server or web application. However, web services are increasingly being targeted.

prevent ddos


New architectural approaches such as Service Oriented Architecture (SOA) may be even more vulnerable to DDoS attack.

SOA security

SOA services often implement high level functionality that may trigger:
- complex logic and queries
- legacy APIs and systems
- human workflows
- other SOA services
- components
- integration

One request to a SOA service can consume a great deal of enterprise resources. As a result, SOA DDoS attacks could immobilize a wide range of enterprise systems and services.

3 Shares Google Twitter Facebook

Related Articles

Enterprise Architecture
How to architect an organization.

What you should know about web security.

The basics of big data in 90 seconds.

Learn about the cutting edge of SOA technology.

Recently on Simplicable

Honeypot Explained (Security)

posted by Anna Mar
A honeypot is decoy designed to distract attackers from your information infrastructure.

Security Techniques

posted by Anna Mar
A list of information security strategies and techniques.

The Difference Between Public, Private and Hybrid Cloud

posted by Anna Mar
Popular ideas such as cloud computing get twisted, turned and flipped upside down before anyone can agree on common definitions.

5 Levels of Tech Savvy Bliss

posted by Anna Mar
Modern technology customers and industry insiders are faced with a constant stream of change. Human ability to adapt to this pace of change is remarkable.


about     contact     sitemap     privacy     terms of service     copyright