Distributed Denial of Service (DDoS) Attacks - Methods and Prevention

After diagnosing the patient with a serious neurocognitive problem caused by Alzheimer's disease, the PMHNP should start the patient on anti-dementia medications (Stahl, 2013). In this scenario, I would recommend Aricept (Donepezil) 5 mg orally, preferably before bedtime. While Aricept does not have the protection and also the victim does not have the capability of accessing other networks such as the internet.

With the current technology, several challenges are in place concerning design and the implementation of the mechanism of DDoS that is effective. Some of them include;

Several quantities of unwitting types of participants

Lack of similar features of streams of DDoS

Use of legit models of traffic by the attackers

Lack administrative serving domain within the cooperation

Automated types of tools

Enclosed participants’ identities

Consistency in the security holes within the internet

Unavailability of information

Lack of standardized analysis and approaches towards testing

Hence, the below five principles are suggested for building a solution that is effective;

Because DDoS forms part of a distributed attack and also because of its big volume as well as the packet attack rates, distributed unlike the centralized type of defense forms the very first of DDoS defense.

High Normal Packet Survival Rarion (NPSR) thus leading fewer instance collateral damage forms the primary need for a DDoS type of defense.

The method of defense need to secure information for controlling messages based on confidentiality, sources integrity and freshness of the messages exchanged among the nodes of defense

Where centralized systems for control of autonomous system (AS) lacks within the internet, either partly or increasingly deployable model of defense that needs no centralized control will end up registering success

A system of defense must factor in the future compatibility matters such as the interface with other systems and negotiate varied policies of defense.

On the same note, below characteristics constitute an ideal model that is also effective against the incidence of DDoS attacks;

Must be used only during the times of attack and also during other times it must also enable the system to work in a normal way. Hence, it should allow for ready integration with the present settings or modifications

Must be capable of offering simple, easy and effective type of solution that leads the counteracting with the sources of attack during the prevention of the same attack

Must be capable of identifying the attack that happens to the victim and also preventing it close to the source of the attack.

Must be capable of preventing the existing attack from finding its way to the victim. In this case, the model must be in a position of differentiating between a malicious traffic from a regular benign type of flow through the incorporation of signatures of attack to various sources of attack

Must show quick response to any changes that happen in the pattern of attack traffic

Should stand a chance of offering retaining mechanisms of the evidence of attack for possible use in the legal types of proceedings

V. Filtering Techniques for DDoS Attacks Prevention

Below is a description of these techniques;

Techniques of filtration



Ingress/ Egress

-Prevention IP Spoofing

-Requires universal progress

- Attacks from definite IP addresses unavoidable

RPF ( Route based Packet Filtering)

-Work effectively with static routing

-Problem in the use of dynamic routing

-Requires wider effective implementation


-No need for cooperation of whole Internet Community.

-Prioritize on frequency of packets during incidences of attack

- Ineffective during incidences of definite addresses of IP

- Needs offline database for tracking addresses

-Rely on gathered information


-Offers destination as means of controlling the traffic it desires

-Increment in deployment

-Attacks against the request packets not avoidable (e.g., ROC attack)

-High computational complication and space needs


-Works effectively with set sources of identified communication channels

-Limited scope of the solution

-Needs use of new protocol of security that again is a threat


-Filtering inefficient addressed packets is worthwhile

-Increasing deployment

Possible drop of packets during the time of transient

Table 1: filtering techniques for DDoS attacks prevention


DDoSS attack leads to the loss of share resources of the victim thus leading to the prevention of the legit users from gaining access to the respective resources. Also, DoS may aim at the certain computer components, the whole of the systems of a computer, part of the networking infrastructure and even the whole of the internet infrastructure. This review covered the problem’s overview of the DDoS, the present attack tools of DDoS, the defense challenges, and principles and the categories of the existing DDoS mechanism of prevention. In this case, it offers a good understanding of the problem and makes it possible for a security administrator in effectively equipping his tools with the proper mechanism of prevention that lead to handling the threats from DDoS. The present mechanism for prevention covered in this paper is not close to the desire to ensure the protection from DDoS attack. The major existing problem in place of several insecure machines within internet may lead to the compromisation towards the launching of large-scale coordinated DDoS attack.

Works Cited

Gupta, B. B., Ramesh Chandra Joshi, and Manoj Misra. "Distributed denial of service prevention techniques." arXiv preprint arXiv:1208.3557 (2012).

Zargar, Saman Taghavi, James Joshi, and David Tipper. "A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks." IEEE communications surveys & tutorials 15.4 (2013): 2046-2069.

Freiling, Felix, Thorsten Holz, and Georg Wicherski. "Botnet tracking: Exploring a root-cause methodology to prevent distributed denial-of-service attacks." Computer Security–ESORICS 2005 (2005): 319-335.

Chang, Rocky KC. "Defending against flooding-based distributed denial-of-service attacks: a tutorial." IEEE communications magazine 40.10 (2002): 42-51.

Mirkovic, Jelena, and Peter Reiher. "A taxonomy of DDoS attack and DDoS defense mechanisms." ACM SIGCOMM Computer Communication Review 34.2 (2004): 39-53.

Belissent, Jacques E. "Method and apparatus for preventing a denial of service (DOS) attack by selectively throttling TCP/IP requests." U.S. Patent No. 6,789,203. 7 Sep. 2004.

Deadline is approaching?

Wait no more. Let us write you an essay from scratch

Receive Paper In 3 Hours
Calculate the Price
275 words
First order 15%
Total Price:
$38.07 $38.07
Calculating ellipsis
Hire an expert
This discount is valid only for orders of new customer and with the total more than 25$
This sample could have been used by your fellow student... Get your own unique essay on any topic and submit it by the deadline.

Find Out the Cost of Your Paper

Get Price