Denial of service attacks

A denial of service attack is a security threat where attackers bombard a system (usually a web-based system) with fake requests for service and so deny access to authorized users. therefore, the attack compromises the availability of the system.

The motive for DoS attacks is sometimes a dislike of the organization running the system but, more commonly, it is used as a means of blackmail. Sites are threatened with a DoS attack, which will make them unavailable, unless they make a payment to the criminal who is threatening them.

Denial of service attacks are relatively easy to detect and neutralize if they come from a single computer so the most commonly used DoS attack now is a so-called Distributed Denial of Service attack where a network of computers send thousands of requests to the system that is being attacked. These networks are usually peoples' PCs that have been infected with malware.

There are a range of techniques that may be used for a DoS attack - Wikipedia has a long article on this.

(c) Ian Sommerville 2008