Question

What strategies are companies using to mitigate DDoS attacks?

Answer

Distributed denial of service or DDoS attacks are a major threat to today’s businesses.

These types of cyberattacks have the ability to disrupt and shut down enterprise systems, so companies are really putting a lot of resources into stopping them. Firms are countering DDoS attacks in a number of different ways, from different angles, to secure networks against failure and damage.

One of the ways that companies are mitigating DDoS attacks is with added capacity. The arrival of cloud services means companies are much more able to order on-demand server capacity. This helps with peak traffic times, and it can help with DDoS attacks too. By having more overhead capacity, the business network is able to better stand up to the beginning of a DDoS attack as it grows.

Other DDoS attack mitigation strategies have to do with limiting the influence of the traffic that may be involved in these attacks.

In a basic sense, companies are using sophisticated heuristics and behavioral analysis tools to be able to “spot” the signs of a DDoS attack according to network traffic. For example, some systems work on the basis of trying to separate human from “bot” activity. Where they are successful, they do a good job of letting legitimate customers in, while turning bots away. Some systems can also divert suspicious categories of traffic and contain them in peripheral systems, for a kind of “traffic triaging” and containment approach, in some ways not unlike the “virus vault” used in popular anti-virus software.

Many of the design features in DDoS mitigation software have to do with the principles of machine learning and field analysis. Systems break down traffic into patterns and categories, and start to understand what “looks like” legitimate traffic and what “looks like” a DDoS attack. Some pros point out best practices, like building a precise profile of customers to try to distinguish traffic that way.

By combining an effort to handle bigger volumes of traffic with modern, in-depth targeting of suspicious network activity, companies are able to shore up their systems against DDoS attacks to a significant extent. Some platforms and vendors are getting into the mix, too, with systems like AWS delivering DDoS mitigation features to clients. All of this limits what malicious botnets and other DDoS purveyors are able to do in the digital world.

Related Terms

Justin Stoltzfus
Contributor

Justin Stoltzfus is an independent blogger and business consultant assisting a range of businesses in developing media solutions for new campaigns and ongoing operations. He is a graduate of James Madison University.Stoltzfus spent several years as a staffer at the Intelligencer Journal in Lancaster, Penn., before the merger of the city’s two daily newspapers in 2007. He also reported for the twin weekly newspapers in the area, the Ephrata Review and the Lititz Record.More recently, he has cultivated connections with various companies as an independent consultant, writer and trainer, collecting bylines in print and Web publications, and establishing a reputation…