Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revision | |||
| en:dpi:dpi_options:opt_ddos:ddos_ddos:ddos_ddos_description [2023/10/09 11:24] – elena.krasnobryzh | en:dpi:dpi_options:opt_ddos:ddos_ddos:ddos_ddos_description [2024/09/26 15:29] (current) – external edit 127.0.0.1 | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ======ddos_ddos_description====== | + | ====== |
| + | {{indexmenu_n> | ||
| + | A hacker possesses a large network of remotely controlled computers (BOTNET) in order to perform DDoS attack. There is no need to hide IP addresses of these computers((Sure BOTNET can be used to enforce ordinary DoS attacks)). The hacker can just imitate legit users' activity. However, due to the large number of computers used for the attack (up to hundreds thousands sometimes), this activity overloads the site and leads to the denial of service. Hackers typically employ the heaviest requests to the site under attack. This reduces the number of computers used for the attack. The IP addresses of these computers will be known after the attack. | ||
| + | |||
| + | Various behavioural strategies are used to protect against these attacks. These approaches allow to detect abnormal behaviour and may be more or less effective. We offer a simple and reliable approach: use a CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) page. This test allows to define if the user is a human. | ||
| + | |||
| + | The protection works as follows: | ||
| + | - The protection is trigged by exceeding the threshold value, for example, a comfortable (for a site) number of requests per second. | ||
| + | - Only those users that are in " | ||
| + | - Users who pass the test are added to " | ||
| + | - Users that did not pass the test (BOTs) are unable to get beyond the test page and make any load to the site under attack. | ||