LUC #19: Understanding and Preventing DDoS Attacks
Plus, service communication strategies, and what makes an API RESTful?
Welcome back to another edition of Level Up Coding’s newsletter.
In today’s issue:
Read time: 5 minutes
Understanding and Preventing DDoS Attacks
Distributed Denial of Service (DDoS) attacks have been around since the late 1990s and since then, they continue to be a prominent threat to protect systems against. By disrupting traffic to a targeted server, service, or network businesses can be brought to a standstill resulting in financial losses, damaged reputation, and eroded user trust.
There are many techniques that safeguard a system from a DDoS attack but to develop an effective defense strategy, understanding the strategy behind DDoS attacks is crucial.
How does a DDoS attack work?
A DDoS attack overwhelms a target with a flood of traffic or activity, coming from multiple sources, making it difficult to pinpoint and block the bad actors. The multi-source nature of these attacks is what differentiates DDoS from its cousin, the Denial of Service (DoS) attack.
There are different approaches to a DDoS attack, which vary depending on the system layer they are directed at. For example, they can target the application layer by making a large volume of application requests. Meanwhile, the protocol layer can be targeted by exploiting their function, for example, a SYN flood initiates a connection but never completes it leaving a large portion of connections half-open.
Recognizing these attack methods is an important first step to building a robust defense. Let's now delve into strategies designed to mitigate and protect against such DDoS threats.
Effective strategies to protect against DDoS attacks
Distributing network traffic across multiple servers, especially in varied geographical locations, makes it challenging for attackers to bring down your entire system. However, aimless redundancy can be a resource drain. The key is smart distribution that aligns with usage patterns and risk assessments.
Apply rate limiting
By restricting the number of requests a user can send in a given time frame, rate limiting can halt suspicious spikes in traffic. But be careful with this technique! Apply it too aggressively, and you risk alienating genuine users.
Implement web application firewalls (WAFs)
WAFs scrutinize HTTP traffic, acting as a buffer between your application and potential threats. Customizing WAFs to identify and block malicious traffic patterns ensures that only legitimate traffic gets through.
Leverage cloud-based solutions
Cloud providers provide built-in solutions that help mitigate DDoS attacks; for example, they often distribute traffic across their vast networks out-of-the-box. Plus, their cutting-edge algorithms often spot and mitigate threats before they escalate.
After you've implemented these strategies, it's important that you don't stop there. Continue to monitor and analyze your web traffic and implement the ability to detect anomalies that could indicate a DDoS attack. With real-time analysis, you can be proactive and act on threats while they're still in their early stages.
DDoS tactics evolve rapidly, capitalizing on vulnerabilities in new technologies or adapting in response to defense strategies. As attackers continually refine their methods, it's important for organizations to stay ahead by regularly updating and evolving their defense mechanisms. This not only entails adopting the latest technological solutions but also fostering a culture of cybersecurity awareness and continuous learning.
Service Communication Strategies (recap)
Most commonly used techniques:
🔸 gRPC: Protocol Buffers to define service and message types which make data compact and efficient to transmit and store. It supports bi-directional streaming and offers flow control features.
🔸 WebSockets: Provide a full-duplex channel over a TCP connection. They allow both the client and server to send messages to each other at the same time. WebSockets require an open connection which is more resource-intensive than stateless options.
🔸 RESTful APIs: provide an interface for services to communicate with each other. It uses the standard HTTP methods GET, POST, PATCH, and DELETE. It is stateless in nature which means requests must contain all the information required to process it.
🔸 GraphQL: It is a data query and manipulation language that provides a way to consolidate APIs so that services can communicate via a single API endpoint. This simplifies communication with a consistent and unified interface.
🔸 Event-driven: services respond to changes in state (referred to as an event). Services send events to a message broker or an event bus which forwards the event to relevant services. This promotes loose coupling, allows services to scale independently, and improves resilience.
🔸 Service mesh: adds an infrastructure layer to each service. It adds a network proxy (called a sidecar) where network traffic is routed through. Because it does this to each individual service, features such as authentication and load balancing can be done on a very granular level.
What Makes an API RESTful (recap)
Representational State Transfer (REST) is an architectural style that is commonly used for web-based APIs alongside HTTP as the transport protocol.
🔸 Stateless: The server shouldn’t need to store any information about a user between requests. Everything that the server needs to execute a task should be sent in the request.
🔸 Separation of concerns: The client and server should function independently of each other.
🔸 Cacheable: Responses can be cached on the client to boost performance.
🔸 Consistent interface: By using HTTP methods like GET, POST, and DELETE, API interfaces stay consistent.
🔸 Resource-based: RESTful APIs have an emphasis on resources rather than methods or functions. A resource can be an object, entity, or data within a system. Resources are uniquely identified using a Uniform Resource Identifier (URI).
🔸 Standard media types: Responses are usually sent as JSON, XML, or plain text. Clients can request a preferred media type.
That wraps up this week’s issue of Level Up Coding’s newsletter!
Join us again next week where we’ll explore how DNS works, principles of object-oriented programming, and end-to-end encryption.