denial of service [English]


InterPARES Definition

n. (DoS, abbr.) ~ An attack on an online service that seeks to make the service unavailable to legitimate users by overwhelming the service with spurious requests or network packets.

General Notes

Traffic in a denial of service (DoS) attack generally comes from a single source. Traffic in a distributed denial of service attack (DDoS) will originate from many sources that are part of a botnet, a collection of compromised devices running attack software.

Other Definitions

  • Wikipedia (†387 s.v. denial-of-service attack): An attempt to make a machine or network resource unavailable to its intended users. Although the means to carry out, the motives for, and targets of a DoS attack vary, it generally consists of efforts to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet.

Citations

  • CNSS-4009 (†730 p.24): The prevention of authorized access to resources or the delaying of timecritical operations. (Time-critical may be milliseconds or it may be hours, depending upon the service provided.) (†1726)
  • ISACA Glossary (†743 s.v. denial of service attack): An assault on a service from a single source that floods it with so many requests that it becomes overwhelmed and is either stopped completely or operates at a significantly reduced rate. (†1773)
  • Iyengar, et al. 2014 (†637 p.233): Denial of service (DoS) and distributed denial of service (DDoS) are two web based attacks aiming to make critical resource unavailable to legitimate users. DDoS, which is an amplified and advanced form of DoS, is the security breach that targets the remote data centers running important services and floods the servers with huge amount of packets that is unbearable to the victim server causing unavailability of services to legitimate users. DDoS is a tempting way to attack the [cloud] service providers due to the wide spread availability of attack tool and simplicity of the attack strategy. (†1439)
  • Law 2011 (†581 s.v. denial of service attack): An attack on a computer system by a hacker or virus that does not seek to break into the system, but rather to crash a Web site by deluging it with phony traffic. Such attacks are difficult to defend against, but firewall s can be designed to block repeated traffic from a particular source. (†1134)
  • Olufon, et al. 2014 (†638 p.206): Often times, when people think of wireless security, they think in terms of preventing unauthorized access. However an attacker's objective may not be to obtain access to the network, but instead, to destabilise it. A variation of this was carried out in the preceding section. It is of utmost importance that security professionals do not make the potentially costly mistake of neglecting other aspects of wireless security, case in point being DoS attacks. As of this writing, it is not possible to prevent denial of service attacks, as the bands on which WLANs operate on are unlicensed, therefore anyone can connect to them. However, it is possible to detect denial of service attacks with an IDS (Intrusion Detection System). (†1440)
  • Wade, et al. 2010 (†639 p.231): Denial of service attacks are currently causing serious threats. Despite researchers' effort for many years, they ruin availability of various network services without an effective preventive solution. Many of the attacks are performed in a form of distributed denial of service (DDoS) attacks. DDoS attacks are hard to prevent not only due to difficulty in nailing down the true origins of the attacks, but also due to a large number of seemingly unrelated hijacked hosts used in attacks, which makes distinction from surges in legitimate users difficult. (†1441)