DOI: https://doi.org/10.36719/2789-6919/57/243-248
Nihad Mahammadli
Odlar Yurdu University
Master’s student
https://orcid.org/0009-0008-1465-3420
nihadmehemmedli2004@gmail.com
Detection and Prevention of Network Attacks (DoS, DDoS)
Abstract
The expansion of modern digital infrastructure and the provision of services via the Internet have made network security an important strategic issue. In this context, Denial of Service Attacks (DoS) and Distributed Denial of Service Attacks (DDoS) are one of the most common cyber threats to sabotage information systems. DoS attacks are mainly carried out from a single source and exhaust system resources – server processes, servers, network connectivity and application-level services. This leads to its overload. DDoS attacks can be carried out on a wider range and in a coordinated manner using many complex devices (botnets), which leads to complete or partial disruption of services. The types of DoS and DDoS attacks in the research area (volume attacks, protocol-level attacks and experience-level attacks) are the types of attacks they cause to the business mechanism and network infrastructure. The risks are analyzed. The effectiveness of traditional signature-based methods, anomaly detection models, traffic analysis, behavior-based monitoring, and artificial intelligence-based methods for detecting attacks was examined. The application of firewall systems, IDS/IPS technologies, traffic filtering methods, load balancing, rate limiting mechanisms, network segmentation, and cloud-based DDoS protection services, as countermeasures, was evaluated. At the same time, it was emphasized that organizational and disciplinary measures – conducting risk analysis, developing risk-free policies, and creating permanent monitoring systems – complement technical defense measures. As a result, effective defense against DoS and DDoS attacks is possible not only through the application of technical means, but also by creating a complex and multi-level vulnerability architecture. Proactive monitoring, real-time analysis mechanisms, and adaptive security models play a key role in ensuring network resilience and information security.
Keywords: DoS attack, DDoS attack, network security, service availability, IDS/IPS systems