What is DDoS Attack

What is DDoS Attack

The DDoS (Distributed DoS)  based on the DoS becomes the most popular method of DoS attack because it can lead to more serious effects easily and quickly. The DDoS architecture is divided into three layers: attacker layer, main controller host layer, and broker host layer. The attacker controls all the hosts which send the attack code to the broker host. The controller host may be any one host on the internet and its number is very large.

The broker host can make the real attack through receiving the command from the controller host. The attacker cannot be found easily as the progress of attack contains more steps and the information of the attacker is hidden.

What is DoS Attack

The DoS attack is the most popular attack in network security with the development of networks and the internet. Basically, it is DoS(Denial Of Service).


Network security becomes more and more serious with the rapid development of network technology and application. The DoS attack is one of the most popular intrusion methods which often make great economic losses and impact. The study on the DoS attack principle and detection method become very imperative and the new technology for DoS must be updated because the attack tools and techniques of the hackers are enhanced gradually.


The network attack and network security coexist and there is no absolute network security environment. There are many reasons for DoS development. The vulnerability for the system software and application program is published and the rogue software often occurs on the internet. The computer virus and Trojan often destroy the program and system. They can lead to the emergence of the DoS attack. Because some attacks can use the DoS to make money, it becomes the tool of making money. There are many methods to implement a DoS attack.

DoS is defined that the normal user can’t get the service because the hacker seized the service using some different attack methods which can destroy the system and network and it also can occupy the computer resources such as RAM, CPU, and network bandwidth.


An attacker sends a large number of service requests with a false address. The server sends a response message back to the sender and waits for response information from the client. Because the addresses are forged, the server can’t get any information and must wait for a long time and the connection will be cut with overtime. The resource allocated for this request cannot be released. If the request number is very large, the server resource will be used up finally. So the new user can’t get the service and the attacker is successful.

The attack can make firewall and routes of the target network to be paralyzed and lead to network congestion


Trinoo –uses UDP flood to produce the distributed denial of service.

The TFN (Tribe Flood Network) -uses the ICMP, SYN Flood, UDP flood and Smurf attacks

XOIC – simple DDoS tool

LOIC (Low Orbit ION cannon)

HOIC (High Orbit ION cannon)

**This article is for educational purposes only. Please do not use any of these tools as these can cause critical damage to the infrastructure. Learn more about what is DDoS attack.


Are you prepared when a DDoS attack happens in your organization? Get a DDoS simulation performed by our experts and better be safe than sorry.

Organizations should also consider getting your network penetration testing and web application penetration testing performed to make sure there are no critical vulnerabilities discovered.

Leave a comment

Contact Us
close slider

    Are you looking for a quote or general enquiry? Please fill in the details below, we will get back to you in 24 hours.

    error: Content is protected !!
    Privacy Preferences
    When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.