{"title":"Choosing an appropriate architecture to protect the information system from multi-level DDOS attacks","authors":"V. V. Borodan, D. Guy","doi":"10.31673/2409-7292.2021.013540","DOIUrl":null,"url":null,"abstract":"The paper examines multi-level DDoS attacks, which are a type of denial of service (DoS) attack, which aims to ban network services by failing target servers or consuming their resources, so that these servers can no longer provide services to legitimate users. DDoS attacks are divided into several classes, which include: Telnet brute force attack, SYN flood attack, ICMP flood attack, Smurf attack, Ping flood, HTTP Get Flooding request attack and HTTP Post. It is concluded that in order to create an effective information security architecture and, at the same time, effective measures to combat DDoS attacks, it is important to understand the different methods of DDoS. The architecture of information system protection against multilevel DDoS-attacks based on SDN and analysis of network traffic correlation is presented. Recommendations for protecting the information system from multi-level DDoS-attacks have been developed. It is noted that in addition to technical measures, organizations also need to implement procedural measures at the level of protection, detection and response.","PeriodicalId":107068,"journal":{"name":"Modern information security","volume":"7 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Modern information security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.31673/2409-7292.2021.013540","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citations: 0
Abstract
The paper examines multi-level DDoS attacks, a type of denial-of-service (DoS) attack that aims to deny network services by causing target servers to fail or by consuming their resources, so that these servers can no longer provide services to legitimate users. DDoS attacks are divided into several classes, which include: Telnet brute-force attack, SYN flood attack, ICMP flood attack, Smurf attack, Ping flood, HTTP GET flooding request attack and HTTP POST. It is concluded that, in order to create an effective information security architecture and, at the same time, effective measures to combat DDoS attacks, it is important to understand the different methods of DDoS. An architecture for protecting an information system against multi-level DDoS attacks, based on SDN and analysis of network traffic correlation, is presented. Recommendations for protecting the information system from multi-level DDoS attacks have been developed. It is noted that, in addition to technical measures, organizations also need to implement procedural measures at the level of protection, detection and response.