Don't miss an insight. Subscribe to Techopedia for free.


What strategies are companies using to mitigate DDoS attacks?

By Justin Stoltzfus | Last updated: January 28, 2019

Distributed denial of service or DDoS attacks are a major threat to today’s businesses.

These types of cyberattacks have the ability to disrupt and shut down enterprise systems, so companies are really putting a lot of resources into stopping them. Firms are countering DDoS attacks in a number of different ways, from different angles, to secure networks against failure and damage.

One of the ways that companies are mitigating DDoS attacks is with added capacity. The arrival of cloud services means companies are much more able to order on-demand server capacity. This helps with peak traffic times, and it can help with DDoS attacks too. By having more overhead capacity, the business network is able to better stand up to the beginning of a DDoS attack as it grows.

Other DDoS attack mitigation strategies have to do with limiting the influence of the traffic that may be involved in these attacks.

In a basic sense, companies are using sophisticated heuristics and behavioral analysis tools to be able to “spot” the signs of a DDoS attack according to network traffic. For example, some systems work on the basis of trying to separate human from “bot” activity. Where they are successful, they do a good job of letting legitimate customers in, while turning bots away. Some systems can also divert suspicious categories of traffic and contain them in peripheral systems, for a kind of “traffic triaging” and containment approach, in some ways not unlike the “virus vault” used in popular anti-virus software.

Many of the design features in DDoS mitigation software have to do with the principles of machine learning and field analysis. Systems break down traffic into patterns and categories, and start to understand what “looks like” legitimate traffic and what “looks like” a DDoS attack. Some pros point out best practices, like building a precise profile of customers to try to distinguish traffic that way.

By combining an effort to handle bigger volumes of traffic with modern, in-depth targeting of suspicious network activity, companies are able to shore up their systems against DDoS attacks to a significant extent. Some platforms and vendors are getting into the mix, too, with systems like AWS delivering DDoS mitigation features to clients. All of this limits what malicious botnets and other DDoS purveyors are able to do in the digital world.

Share this Q&A

  • Facebook
  • LinkedIn
  • Twitter


Cybersecurity Risk Management Cyber Threats Identity & Access Governance

Written by Justin Stoltzfus | Contributor, Reviewer

Profile Picture of Justin Stoltzfus

Justin Stoltzfus is a freelance writer for various Web and print publications. His work has appeared in online magazines including Preservation Online, a project of the National Historic Trust, and many other venues.

More Q&As from our experts

Related Terms

Related Articles

Term of the Day

Synthetic Data

Synthetic data is input that is generated mathematically from a statistical model. Synthetic data plays an important role in...
Read Full Term

Tech moves fast! Stay ahead of the curve with Techopedia!

Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.

Go back to top