Visualizing A DDoS Cyber Attack

By on Apr 29, 2013

A denial-of-service (DDoS) attack occurs when hackers flood a target website with large amounts of traffic. This traffic is often generated through the hacker’s botnet, or network of infected computers. Usually, when a cybercriminal launches a DDoS attack on a website, there isn’t much for a user like you or me to see beyond an “error” page. We’re simply turned away from the website, and we’re not quite sure why.

However, with the help of website traffic visualization technology, VideoLAN Organization has been able to share a behind-the-scenes look at what actually happens to a website when it is being attacked.

What you’ll see in the video below is a record of the April 23rd DDoS attack against VideoLAN:

In this video, each ball represents a server request, and the different colors represent the specific computers that sent each request. A server request occurs when you enter a web address in your browser to gain entry to a desired web page, and if too many requests are sent at once, the web page will become overwhelmed and fail to load.

In this visualization, the paddle you see is the server attempting to keep up with the requests (think of it like the classic game of Pong). During an attack, requests completely bombard the website with traffic at one specific chokepoint, leaving other legitimate requests (colored balls) to bounce away unfulfilled. In this way, a hacker can monopolize a server and effectively take down an entire website. If a site cannot keep up with a high number of requests, it will not work properly, and you will be greeted with an “Error Not Found” page instead.

For context, here is another traffic visualization for a site that isn’t experiencing an attack:

While it’s not yet clear why a hacker wanted to attack VideoLAN’s servers, DDoS attacks mainly affect organizations, businesses, and retail websites–not home computers. Still, the videos above provide a great visual resource to understand how these attacks work.

Do your part to stop DDoS attacks:

While your personal computer may not be the victim of a DDoS attack, if your computer becomes infected with malicious software, it could easily be used to assist cybercriminals in this type of disruption. As I stated above, one way that hackers generate this much traffic is through a botnet, or a network of infected computers. To ensure your computer doesn’t become part of a botnet, always keep security software like McAfee All Access up to date, and regularly scan your device for potential threats.

For more on this topic and other security news and events, be sure to follow our team on Facebook and on Twitter with @McAfeeConsumer.

About the Author

Gary Davis

Gary Davis was previously McAfee's Consumer Security Evangelist providing security education and advice to businesses and consumers. He is a sought-after speaker on trends in digital security, appearing at conferences and events, as well as security and consumer lifestyle broadcast outlets and publications such as ABC, NBC, FOX, the Wall Street Journal, USA Today, Money ...

Read more posts from Gary Davis

Subscribe to McAfee Securing Tomorrow Blogs