Detecting DDOS attacks and how to mitigate them : studying new possible ways to detect and mitigate DDOS attacks
Finnberg, Jari-Matti (2025)
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
The permanent address of the publication is
https://urn.fi/URN:NBN:fi:amk-202504035594
Abstract
Distributed Denial of Service attacks, or DDoS, have been a growing menace on the internet for years. In recent years, the number of attacks has increased, along with their impact on internet services. Attackers tend to use more sophisticated attack vectors in their attempts to bring target systems offline. This thesis aims to document methods for identifying new attack vectors, mitigating them, and providing the reader with a comprehensive overview of how to protect the internet from DDoS attacks. Most new attacks are carried out using botnets across the internet. These botnets typically comprise standard internet-connected equipment. In recent years, Internet of Things (IoT) devices have become commonly exploited for botnets due to their lack of security and default passwords.
Recognizing the risks associated with IT systems and their resilience against DDoS attacks is essential. These risks may result in financial losses, reputational harm, or even disruptions to societal functions. National regulations hold companies more accountable for their cybersecurity efforts and strive to protect society and its services from cyberattacks.
This topic was chosen because most theses only mention DDoS in the context of the cyber domain but do not cover the entire landscape of the attacks. This thesis contributes timely insights into how the attacks have changed and provides predictions on how they might evolve. A critical aspect of DDoS is the use of Artificial Intelligence and Machine Learning in mitigations, as well as their role as a tool for attackers to execute more destructive DDoS attacks.
The data used is mainly collected from various vendors supplying DDoS protection, as well as from Telia. The Telia data is used in such a way that no customers can be identified, as that information is not publicly available.