A Denial-of-Service (DoS) attack is a cyber weapon that overwhelms systems, servers, or networks with malicious traffic, rendering them unavailable to legitimate users and causing significant operational and financial damage to targeted organizations.
In a DoS attack, a server, machine, or network is maliciously rendered unusable either through a service crash or a flood of requests that exhausts available resources. DoS attacks prevent legitimate users from accessing the service by overloading it with bogus traffic, effectively shutting down online services, websites, or network infrastructure.
DoS vs. DDoS
A standard DoS attack originates from a single source—one machine sending overwhelming volumes of traffic or requests to a target. A Distributed Denial-of-Service (DDoS) attack differs by using multiple IP addresses or machines, often forming a botnet of thousands or millions of compromised systems, to amplify the attack volume beyond what any single machine could generate. DDoS attacks are significantly harder to block because traffic appears to originate from many different, often legitimate-looking sources.
Types of DoS Attacks
Volume-Based Attacks: Flood the target with massive volumes of traffic designed to consume all available bandwidth. Examples include UDP floods, ICMP floods, and amplification attacks that leverage misconfigured servers to multiply attack volume.
Protocol Attacks: Exploit weaknesses in network protocols to exhaust server resources rather than bandwidth. SYN floods, the most common protocol attack, send a high volume of TCP connection requests without completing the handshake, consuming server connection table entries.
Application Layer Attacks: Target specific applications or services rather than network infrastructure. HTTP floods and slowloris attacks send seemingly legitimate requests that consume server processing resources, often requiring fewer packets to cause disruption.
Impact and Costs
DoS attacks cause enterprises millions in operational damage through direct revenue loss during downtime, emergency response costs, infrastructure repair expenses, and reputational damage. Critical infrastructure, financial services, healthcare, and e-commerce sectors face particularly severe consequences from sustained attacks.
Mitigation Strategies
Effective DoS defense combines rate limiting and traffic filtering at network boundaries, anycast network diffusion to distribute attack traffic across multiple servers, traffic scrubbing services that filter malicious packets before they reach target infrastructure, and behavioral analysis systems that distinguish legitimate traffic spikes from attack patterns.