A DDoS attack (Distributed Denial of Service), in French a distributed denial of service attack is a cyber attack aimed at rendering an IT service unavailable or disrupting its operation by flooding it with excessive requests from multiple sources.
- Basic principle :
- The attacker uses a large number of infected devices (botnet) to generate a massive volume of traffic.
- This traffic is directed to a specific target, such as a website or server.
- Objective :
- Overload the target's resources (bandwidth, CPU, memory).
- Prevent legitimate users from accessing the service.
- Common types of DDoS attack :
- Volume attacks (e.g. UDP flood)
- Attacks at the application layer (e.g. HTTP flood)
- Attacks at protocol level (e.g. SYN flood)
- Distinctive features :
- Distributed nature: use of multiple attack sources
- Difficult to block: traffic appears to come from legitimate sources
- Scalable: can adapt quickly to countermeasures
- Potential impact :
- Financial loss - Damage to reputation - Interruption of critical services - Vulnerability to secondary attacks - Protection methods :
- Real-time traffic monitoring
- Use of application firewalls (WAF)
- Implementation of specialised anti-DDoS solutions
- Load sharing and automatic scaling