Even if you have only the most perfunctory understanding of how websites work, you will likely know that your clicks eventually become server requests somewhere down the line. It is when that request is received and accommodated that you get to move to the page you’d like to go to. You may well have also heard of bounce rates, and many times when people grow impatient and leave a website it’s because somewhere out there is a server that is simply receiving more requests than it can handle.
The explosive growth in digital traffic is making that scenario increasingly common nowadays, and the only reason you haven’t been more inconvenienced by it is a massive collective effort to improve and expand data storage facilities and all the related infrastructure needed to handle the growth in demand. The surge in IoT (Internet of Things) connectivity needs is a great example of why sometimes page load speeds aren’t what they used to be.
A worse scenario for any webmaster is to have their website rendered completely inaccessible, and that’s what happens with a DDOS attack. Given what we just explained, it should make sense that one of the better ways to make a Denial-of-Service attack work is to swarm the site’s servers with so many requests that they are overloaded to the point that nothing functions like it should any longer.
And that’s what these perpetrators do, and this kind of security concern is always going to be fairly front and center for any quality Canadian web hosting provider, like it is for us here at 4GoodHosting. There is some good news about preventing DDOS attacks, and that’s what we’re going to look at with this week’s entry.
Watchful Eyes
This new, better way to recognize DDOS attacks is estimated to improve detection by 900% compared to current methods. Computer scientists have worked out a way to keep a watchful eye over ever-changing traffic patterns on the internet. What they’ve done is suggest a very different approach to detecting denial-of-service attacks, where perpetrators attempt to shut down a website by bombarding it with requests.
Until now, systems have aimed to detect these attacks by relying on a raw number referred to as a threshold. In the event the volume of users trying to access a site rises above that number, it’s assumed that an attack is likely to occur. Trusting in these thresholds can leave systems vulnerable though, as they don’t provide much insight or information about what is really going on in a system. In fact, some attacks are missed entirely because of this strictly numerical approach.
False alarms are also a problem when sticking to this approach and can have major negative repercussions. A false positive can force defenders to take a site offline and fully halt legitimate traffic. In a sense that’s a self-inflicted DDOS attack, and it really is quite possible. There is a real need for a deeper understanding of the nature of traffic, and this new approach takes that into consideration too.
New Targeted Focuses
With this new approach to DDOS attack detection, the engineers sidestepped the concept of thresholds completely and put the focus on the evolution of entropy, a term that means the measure of disorder in a system. Now it’s true there’s consistent disorder everywhere on the Internet, but with a DDOS attack there are always going to be two measures of entropy going in opposite directions.
The target address will have many more clicks than usual that are directed to one place, and this works out to a state of low entropy. But if those clicks are originating from many different places, that qualifies as high entropy. Having a situation where the two are not lining up logically can signify an attack, and this is at the heart of this better DDOS attack prevention approach. The efforts to improve accurate detection and prevention don’t stop there; evaluating entropy levels is paired with watching trends as they change over time, plus incorporating what is called the Tsallis formula. It amplifies differences in entropy rates and doesn’t require close oversight by a human to distinguish between legitimate traffic and an attack. This is different from solutions based on machine learning and artificial intelligence.
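As an added illustration (not code from the researchers or from 4GoodHosting), the Python sketch below computes Tsallis entropy over source and destination addresses for each time window and flags windows where the two move in opposite directions. The index q = 2, the window layout, the `min_delta` noise floor and the sample addresses are all assumptions constructed for the example.

```python
from collections import Counter

Q = 2.0  # assumed Tsallis index; the article does not give a value
# Constructed sample traffic (documentation address ranges), one list per window.
CLIENTS = [f"192.0.2.{i}" for i in range(1, 5)]
SERVERS = [f"198.51.100.{i}" for i in range(1, 5)]
NORMAL = list(zip(CLIENTS, SERVERS)) * 2            # 8 flows, evenly spread
BUSY = NORMAL * 2                                   # double volume, same shape
ATTACK = NORMAL + [(f"203.0.113.{i}", SERVERS[0]) for i in range(1, 41)]
SAMPLE_WINDOWS = [NORMAL, BUSY, ATTACK]


def tsallis_entropy(items, q=Q):
    """Tsallis entropy S_q = (1 - sum(p_i^q)) / (q - 1) of an observed sample."""
    counts = Counter(items)
    total = sum(counts.values())
    if total == 0:
        return 0.0
    return (1.0 - sum((c / total) ** q for c in counts.values())) / (q - 1.0)


def window_entropies(flows):
    """flows: list of (src_ip, dst_ip) pairs seen in one time window."""
    return (tsallis_entropy([s for s, _ in flows]),
            tsallis_entropy([d for _, d in flows]))


def asymmetric_windows(windows, min_delta=0.05):
    """Indexes of windows where source entropy rose while destination entropy
    fell versus the previous window. min_delta is an assumed noise floor on
    the entropy change, not a traffic-volume threshold."""
    flagged, prev = [], None
    for i, flows in enumerate(windows):
        cur = window_entropies(flows)
        if prev is not None:
            d_src, d_dst = cur[0] - prev[0], cur[1] - prev[1]
            if d_src > min_delta and d_dst < -min_delta:
                flagged.append(i)
        prev = cur
    return flagged


if __name__ == "__main__":
    for i, w in enumerate(SAMPLE_WINDOWS):
        print(i, len(w), window_entropies(w))
    print("flagged windows:", asymmetric_windows(SAMPLE_WINDOWS))
```

The busy window doubles the request volume without changing either entropy, so it is not flagged, while the window with many sources converging on one destination is.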
The post New Asymmetric-Behavior Detection Approach to Improve DDOS Attack Prevention by 90% appeared first on 4GoodHosting Blog.