9.2.3 - Distributed DoS Attacks and Botnets

These flashcards cover key concepts related to Distributed DoS Attacks and Botnets as discussed in the lecture notes.

Distributed DoS (DDoS) Attack

An attack launched simultaneously by multiple hosts to consume network bandwidth or exhaust resources, causing denial of service.

SYN Flood Attack

A type of DDoS attack that withholds the ACK packet during the TCP three-way handshake, flooding the server with connection requests.

Spoofing

The act of falsifying the origin of a packet by using an invalid or random IP address to misdirect responses.

Pending Connections Queue

A server's list of connection requests that can only manage a limited number of pending connections.

Distributed Reflection DoS (DRDoS) Attack

A more powerful form of DDoS attack where the victim's IP address is spoofed to direct responses from multiple servers to the victim.

Amplification Attack

An attack that exploits a small request to generate a larger response, overwhelming the target's resources.

Botnet

A network of compromised hosts controlled by an attacker to launch DDoS and DRDoS attacks.

Command and Control (C2 or C&C) Network

The network established between handlers and bots for controlling compromised devices.

Internet of Things (IoT) Botnet

A botnet consisting of Internet-enabled devices such as cameras, routers, and appliances that can be compromised.