Modern approaches to protection against distributed denial-of-service attacks

Abstract

The article discusses the problems associated with protection against DDoS attacks, which lead to significant financial losses for private companies that use Web technologies to provide their services in the Internet environment. The rapid growth of Internet-dependency of the business of the corporate sector makes protection against denial-of-service attacks one of its main problems, the difficulty of combating which is explained by the ability of their organizers to hide the address of the source of the attack and the addresses of all network entities involved in the attack scenario. The article provides an analysis of approaches to combating threats from distributed network attacks and shows that effective protection is determined by timely detection of the attack, analysis of false network traffic and its filtering while simultaneously blocking attack sources. Describes the problems solved by IDS intrusion detection systems and IPS intrusion prevention systems, as well as their components and methods of use, based on the analysis of NIST Special Publication 800-94. In addition, the procedures for managing protection against distributed network attacks and determining risks from the implementation of threats of this type are described, based on the Open Group industry standards, which describe risk taxonomy (O-РТ) and risk analysis (O-RA) focused on the use of factor analysis methodology information risks FAIR.

Keywords: DDoS attack, Web technologies, IDS, IPS, IDPS, FAIR.