Most businesses on the Internet are open to many threats and disruptions. These can usually be avoided by taking some precautionary measures like network security and monitoring. However some threats are more difficult to detect and plan against.
One such threat is a Distributed Denial of Service attack (DDOS)
A denial of service attack (DoS attack) is an attack on a computer system or network that causes a loss of service to users, typically the loss of network connectivity and services by consuming the bandwidth of the customer network or overloading the computational resources of the customer system.
In a distributed attack, the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and direct the attack, often through a botnet. With enough slave hosts, the services of even the largest and most well-connected websites can be denied.
With this type of threat on the increase, Data Electronics is analysing a DDOS mitigation service that works based on the following principle:
A device installed in the routing layer of our network mesh is constantly monitoring the traffic. This device is performing two tasks: analyses in real time the traffic searching for malformed packages and creating statistical usage profiles for the IP blocks corresponding to our customers. When a sustained traffic of malformed packages or an ususual rate of packages for a given customer profile are detected, the device creates dynamically a new route for that traffic in our routers diverting it away from our customer infrastructure and allowing only good packages to be processed.