0
0
Computer Networksknowledge~10 mins

DoS and DDoS attacks in Computer Networks - Step-by-Step Execution

Choose your learning style9 modes available
LearnWhyDeepVisualPracticeChallengeProjectRecallTime
Concept Flow - DoS and DDoS attacks
Start: Attacker plans attack
Launch DoS or DDoS attack
Target server/network receives many requests
Server resources get overwhelmed
Server slows down or crashes
Service becomes unavailable to real users
Attack ends or is mitigated
The attacker sends many requests to a server to overwhelm it, causing it to slow down or stop working, making the service unavailable.
Execution Sample
Computer Networks
Attacker sends 1000 requests per second to server
Server processes requests until overloaded
Server response slows or stops
Users cannot access service
This shows how an attacker floods a server with requests, causing it to become overloaded and unavailable.
Analysis Table
StepActionRequests ReceivedServer LoadServer ResponseEffect on Users
1Attack starts100 requests/secLowNormalUsers access normally
2Requests increase500 requests/secMediumSlowerUsers notice delays
3Requests flood1000 requests/secHighVery slowUsers struggle to connect
4Server overwhelmed2000 requests/secOverloadedNo responseUsers cannot access service
5Attack stops or mitigatedNormal trafficNormalNormalUsers regain access
💡 Attack ends or server recovers, normal service resumes
State Tracker
VariableStartAfter Step 1After Step 2After Step 3After Step 4Final
Requests Received010050010002000Normal
Server LoadLowLowMediumHighOverloadedNormal
Server ResponseNormalNormalSlowerVery slowNo responseNormal
User AccessNormalNormalDelayedStrugglingUnavailableNormal
Key Insights - 3 Insights
Why does the server slow down before it completely stops responding?
As shown in steps 2 and 3 in the execution_table, the server load increases gradually with more requests, causing slower responses before it becomes fully overloaded.
What is the difference between DoS and DDoS attacks?
DoS uses one attacker machine to flood the server, while DDoS uses many machines simultaneously, making the attack stronger and harder to stop. This is implied in the 'Requests Received' increasing rapidly in the table.
Why do users struggle to connect before the server completely fails?
Because the server response slows down as load increases (steps 2 and 3), users experience delays and connection issues before total failure.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution_table, at which step does the server become overloaded?
AStep 3
BStep 4
CStep 2
DStep 5
💡 Hint
Check the 'Server Load' column in the execution_table rows.
According to variable_tracker, what happens to 'User Access' after Step 3?
AStruggling
BNormal
CDelayed
DUnavailable
💡 Hint
Look at the 'User Access' row and the value after Step 3.
If the attacker sends fewer requests, how would the 'Server Response' change in the execution_table?
AIt would become 'Very slow' immediately
BIt would become 'No response' faster
CIt would stay 'Normal' longer
DIt would not change
💡 Hint
Consider how 'Requests Received' affects 'Server Response' in the execution_table.
Concept Snapshot
DoS and DDoS attacks flood a server with excessive requests.
DoS uses one source; DDoS uses many sources.
Server load increases, causing slow or no response.
Users cannot access the service during attack.
Mitigation restores normal service.
Full Transcript
A Denial of Service (DoS) attack happens when an attacker sends many requests to a server to overwhelm it. This causes the server to slow down or crash, making the service unavailable to real users. A Distributed Denial of Service (DDoS) attack is similar but uses many computers to send requests at once, making it stronger. The attack starts with low requests and grows until the server is overloaded. Users first notice delays, then cannot access the service. When the attack stops or is stopped, the server recovers and users regain access.