DDOS attacks and how companies are preventing them

-

Understanding DDoS Attacks and How the Internet Survives Them

The modern internet is an incredible engineering achievement. Every day billions of users access websites, APIs, and applications without realizing the massive infrastructure working behind the scenes to keep everything online.

One of the biggest threats to online systems is the Distributed Denial of Service (DDoS) attack.

Let's explore:

  • What a DDoS attack is

  • How attackers launch them

  • How companies like Cloudflare, Google, and Amazon Web Services defend against them

  • The architecture that keeps modern applications resilient

What is a DDoS Attack?

A DDoS (Distributed Denial of Service) attack happens when thousands or even millions of computers flood a server with traffic, overwhelming it so legitimate users cannot access the service.

Think of it like this:

A restaurant has 20 seats.

Now imagine 10,000 fake customers rush in at the same time.

Real customers can no longer enter.

That is exactly what happens to a server during a DDoS attack.

How does a typical DDoS Attack look like?

In a typical attack:

  1. Hackers infect thousands of devices

  2. These devices form a botnet

  3. All devices send requests simultaneously

  4. The server becomes overwhelmed

Where Do the Attacking Computers Come From?

Attack traffic often comes from compromised devices such as:

  • Home routers

  • Security cameras

  • IoT devices

  • Personal computers

One of the most famous botnets was Mirai, which infected thousands of IoT devices worldwide.

These devices were unknowingly used to launch massive attacks across the internet.

How Security Platforms Detect Bots

Security providers like Cloudflare use multiple signals to distinguish between real users and bots.

Some detection methods include:

Traffic Behavior Analysis

Real users browse naturally.

Bots behave differently:





Browser Fingerprinting

Security systems analyze browser characteristics:

  • screen resolution

  • installed fonts

  • WebGL rendering

  • browser APIs

Bots often fail to perfectly mimic these signals.

JavaScript Challenges

Sometimes you see:

"Checking your browser before accessing the website."

This happens when a security platform runs a JavaScript challenge to verify the browser.

Simple bots cannot execute JavaScript correctly.

Modern Web Architecture with DDoS Protection

Modern web applications are designed with multiple layers of protection.

Typical flow:

User
  |
HTTPS
  |
Cloudflare WAF / CDN
  |
Frontend (React)
  |
Backend API (FastAPI)
  |
Redis Cache
  |
PostgreSQL Database

Each layer provides additional resilience and protection.

How the Internet Handles Massive Attacks

Some DDoS attacks are unbelievably large.

For example:

  • 46 million requests per second attack mitigated by Google

  • 71 million requests per second blocked by Cloudflare

  • 2.3 Tbps attack mitigated by AWS

To defend against attacks of this scale, companies rely on global infrastructure.

Global Anycast Networks

Instead of sending traffic to one server location, requests are routed to the nearest data center.

Benefits:

  • traffic load is distributed globally

  • attacks are absorbed across many locations

  • no single data center becomes overwhelmed

Multi-Layer Defense Strategy

Modern systems defend against attacks using multiple layers:

  1. IP reputation filtering

  2. Rate limiting

  3. Browser fingerprinting

  4. Machine learning detection

  5. CAPTCHA or human verification

  6. Edge network filtering

Each request receives a risk score.

Low risk → Allow
Medium risk → Challenge
High risk → Block

The Hidden Infrastructure of the Internet

Most users never see this infrastructure.

But every time you open a website, your request passes through:

  • global edge networks

  • web application firewalls

  • traffic filtering systems

  • distributed caching layers

These systems protect applications from attackers while ensuring fast and reliable access for real users.

Final Thoughts

DDoS protection is one of the most fascinating areas of modern distributed systems.

It combines:

  • networking

  • cybersecurity

  • machine learning

  • large-scale infrastructure engineering

The next time you load a website, remember that behind the scenes, powerful systems are working constantly to ensure the internet stays available.

Author
Manoj Tharayil
Test Automation Leader | Software Quality Advocate | Technology Enthusiast

Comments

Post a Comment

Popular posts from this blog

The pesky scrollbars on Remote desktop - Finally fixed!!

-
Image
  The problem We always had scrollbars (vertical as well as horizontal) when we connect to remote desktop (eg: nftRunbox01). This meant we had to scroll up and down many times to work on rotheram environments.  Full screen was an option, but we wanted to see the taskbar as well as the messages from skype (Paul). I remember my colleagues would not allow pairing unless the scroll bar issue was fixed. :)  We ended up editing rdp files and what we tried to do was... desktopwidth:i:1437 desktopheight:i:865 session bpp:i:24 winposstr:s:0,1,0,20,1437,865 We changed the winposstr values so that horizontal and vertical scroll bars disappear. This was a trial and error method and consumed a lot of time (10 to 15 mts). I looked at a few open source projects and found a project on sourceforge which solved the problem. I was still looking for a way (easier) to solve the scroll bar issue. Solution Just add the following line to your .rdp file. smart sizing:i:1 Old RDP File desktopw...
Read more
-
 I worked on UI Automation using Cucumber, Java and Selenium in a company ( company name hidden due to confidentiality agreement). After creating the framework completely, when it was time to deploy to pipeline, I found we don't have devops team in the company. The devs were helping out by doing devops work in addition to their normal duties. They explained that they can help with C# code ( basically .Net core deployments into agents), but could not help maintaining agents which run JVM ( for Java code). It was time to switch to C#. I found Specflow is a C# implementation of Cucumber and we need Visual Studio ( Professional at least) to continue the work. The management at the highest level were very supportive and they were willing to spend the money and give me all the support to rewrite the entire framework in C#. It was time to make Automation a success in the company. And it was going to be more thrilling than any movie we can imagine with all the twists and turns.
Read more

API Testing with Rest Assured - Validating the json schema

-
Image
Sometimes you would get a json response while testing web applications. To make sure that all fields are present, but at the same time keeping the tests generic, you might write something like this given below.(although, a newbie way of writing tests)  @Category(RegressionTests.class)     @Test     public void verifyResponseByValidatingPresenceOfAllFields() {         given().                 param("product", "HomeLoan").                 param("fromHomeLoanId", -100).         when().                 get("/loans").         then().                 statusCode(200).                 contentType(ContentType.JSON).                 body(containsString("loans"))....
Read more