    What is DDoS mitigation? Protecting your network

    By Yun Zhao | May 16, 2024
    • A DDoS attack uses multiple connected online devices, collectively called a botnet, to overwhelm a target website with fake traffic. It does not attempt to breach the security perimeter; instead, it focuses on making websites and servers unavailable to authorized and legitimate users.
    • DDoS mitigation is the process of successfully protecting a target server or network against a DDoS attack, whereby the target victim can mitigate the incoming threat using specially designed network appliances or cloud-based protection services.
    • DDoS mitigation encompasses four crucial phases: absorption to shield against downtime, testing to identify and verify attack patterns, prevention to block malicious traffic, and retaliation to effectively manage and reduce false positives, ultimately safeguarding against disruptive cyber threats.

    DDoS attacks, also known as distributed denial-of-service attacks, are a form of cyber assault aimed at particular applications or websites. In 2023, application layer attacks surged by 165%, with the technology sector being the primary target among all industries. Therefore, it is imperative to implement a robust DDoS mitigation strategy to ensure consistent uptime and resilience.


    Process of DDoS attack

    In a DDoS (distributed denial-of-service) attack, the attacker exploits vulnerabilities in existing machines and systems on the Internet to capture a large number of networked hosts and turn them into agents of the attacker.

    When the number of controlled attack proxy machines reaches the attacker’s satisfaction, the attacker can issue strike commands at any time through the attack master.

    The attack master controller is very hard to locate because its location is flexible and issuing the command takes only a short time. Once the command to attack is transmitted to the attack manipulator, the master can shut down or disconnect from the network to avoid tracking, and the attack manipulator releases the command to each attack agent.

    After the attack agent machine receives the attack command, it begins to send many service request packets to the target host. These packets are camouflaged so that their source cannot be identified, and the services they request tend to consume large amounts of system resources, such as CPU or network bandwidth.

    If hundreds or even thousands of attack proxies attack a target at the same time, it can lead to the exhaustion of the target host’s network and system resources, thus stopping the service. Sometimes, this can even lead to a system crash.

    This can also block network devices such as firewalls and routers on the target network, further aggravating network congestion. As a result, the target host is unable to provide any service at all to normal users. The attackers use very common protocols and services, which makes it difficult for system administrators to distinguish malicious requests from normal connection requests. Attack packets therefore cannot be separated out effectively, and defence becomes more difficult.


    Concept of DDoS mitigation

    DDoS mitigation is the practice of protecting a server or network from a DDoS attack by successfully blocking and absorbing malicious spikes in network traffic and application usage. A cloud-based protection service or special network equipment is used to mitigate the incoming threat. Doing so does not impede the legitimate traffic flow.

    DDoS mitigation counteracts the business risks that are a result of DDoS attacks against an organization. These mitigation techniques are designed specifically to prioritize the preservation of the availability of resources that attackers aim to disrupt.

    DDoS mitigation also aims to speed up the response to DDoS attacks because, most of the time, the attacks are a diversionary tactic that attempts to distract from other, more serious attacks elsewhere on the network.

    Why is DDoS mitigation needed?

    The basic way networks are built gives online disruptors an advantage when they use denial-of-service tactics: they can achieve their aims by taking your business offline for minutes, hours or weeks.

    According to Kaspersky, an internationally renowned antivirus software vendor, DDoS attacks cost businesses more than $2 million on average.

    4 phases of DDoS mitigation work

    DDoS mitigation works by identifying and blocking the source of the attack traffic, for example, using firewall rules or rate limiting. In addition, DDoS protection solutions absorb and filter attack traffic before it reaches the protected network or website.

    These solutions typically use traffic shaping, filtering and redirecting traffic to a clean-up centre where attack traffic is analysed and filtered.

    1. Absorption

    The first step in defending against a DDoS attack is to absorb the attack, which protects the system from downtime. Knowing how many requests and concurrent IPs the application is getting per minute and performing multiple tests is critical.

    Typically, cloud-based DDoS protection solutions are better because they have auto-scaling capabilities. Local service solutions are outmatched by on-premise solutions due to the number of servers.

    2. Testing

    The next step is to detect whether it is a valid DDoS attack. The solution should be able to tell:

    • How many requests are at the URI (uniform resource identifier) level?
    • How many requests come from each IP?
    • How many requests are at the session/host level?
    • How many requests are in the entire domain?

    3. Prevention

    The third step is to prevent the attack from being delivered to the application. The DDoS protection solution identifies the attack vectors and blocks requests made using those attack vectors. Then the solution detects various multi-vector attacks.

    Artificial intelligence plays an important role in DDoS attack prevention. Ideally, the mitigation solution should be able to use past data and predict live behaviour.

    At any point in time, the solution should be able to suggest and apply “rate limits” in as much detail as possible. These include URI, session/host, IP and domain rate limits.
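The request counts from the testing phase and the URI, session/host, IP and domain rate limits described above can be combined in one sliding-window check. The Python below is an added example, not code from the article or from any vendor; the limits, class and function names, and sample requests are all constructed for illustration.

```python
from collections import defaultdict, deque

WINDOW = 60  # seconds of history kept per counter
# Constructed per-window limits for the four levels the article lists.
LIMITS = {"ip": 3, "session": 3, "domain": 100, "uri": 5}

class MultiLevelLimiter:
    def __init__(self, limits=LIMITS, window=WINDOW):
        self.limits, self.window = limits, window
        self.hits = defaultdict(deque)  # (level, value) -> request timestamps

    def check(self, ts, **keys):
        """Count one request at every level; return the levels over limit."""
        exceeded = []
        for level, value in keys.items():
            q = self.hits[(level, value)]
            while q and q[0] <= ts - self.window:  # drop expired entries
                q.popleft()
            q.append(ts)  # rejected requests still count, so a flood stays blocked
            if len(q) > self.limits[level]:
                exceeded.append(level)
        return exceeded

def replay(requests):
    """Return ('allow' | 'block', exceeded_levels) for each request in order."""
    limiter = MultiLevelLimiter()
    out = []
    for ts, ip, session, domain, uri in requests:
        over = limiter.check(ts, ip=ip, session=session, domain=domain, uri=uri)
        out.append(("block" if over else "allow", over))
    return out

# Constructed sample traffic: (epoch_seconds, ip, session, domain, uri)
BOT = ("198.51.100.7", "s-bot", "shop.example", "/login")
USER = ("203.0.113.9", "s-user", "shop.example")
SAMPLE = (
    [(t, *BOT) for t in range(4)]       # four rapid requests from one client
    + [(4, *USER, "/login")]            # ordinary user, same URI
    + [(5, *BOT)]                       # flood continues
    + [(6, *USER, "/cart")]             # ordinary user, different URI
    + [(70, *BOT)]                      # same client after the window expired
)

if __name__ == "__main__":
    for req, (verdict, over) in zip(SAMPLE, replay(SAMPLE)):
        print(req[0], req[1], req[4], verdict, ",".join(over))
```

Had the ordinary user's second request also gone to /login, the URI-level limit would have blocked it, which is the false-positive problem the next phase addresses.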

    4. Retaliation

    Retaliation is a big part of the “managed services” or DDoS protection services offered by WAF (web application firewall) vendors. While AI can suggest rate limits and even apply “blocking rules,” having a DDoS mitigation solution in place will go a long way toward reducing false positives. After all, fundamentally, DDoS attacks look like legitimate requests.

    Yun Zhao

    Yun Zhao is a junior writer at BTW Media. She graduates from the Zhejiang University of Financial and Economics and majors in English. Send tips to s.zhao@btw.media.
