A DDoS (Distributed Denial of Service) attack is a hacking activity wherein a black hat uses an army of botnets or compromised computer systems to render the services of a given website, system, network, and so forth unavailable to legitimate users.
The repetitive barrage of packets to the target results in a denial of service that, when left unaddressed, could even end up burning out the servers and damaging files, depending on how immense the DDoS is.
Aside from botnets, tools like MyDoom can be used to start a DDoS, although its DDoS features lack a zombie agent's capability of turning against any IP address it specifically targets.
Script kiddies, or amateur hacker wannabes with zero programming skills, tend to use DDoS attacks to deny availability of famous websites or even controversial pages that are simply targets of their ire.
DDoS tools can be used by more experienced cyber criminals to extort their victims. Business rivals can also do this to each other as an illegal means of competition.
The bottom line here is that the dangers of DDoS are very real, such that it has become a major issue in IT security. More to the point, stealth is one of the primary concerns companies from all over the world have in terms of this commonplace hacking tactic.
Because of remote host botnets and the general anonymity that surfing the Internet affords, it's quite hard to pinpoint the originator or originators of an attack, largely because of the worldwide web's vastness and the involvement of compromised systems that are probably scattered across the globe.
It's clear that trying to find the people responsible for a DDoS attack is akin to going on a wild goose chase.
DDoS attacks are more often than not perpetrated by crackers across the globe working together, each with an army of botnets at their beck and call.
To be sure, it's easier to hide a tree in a forest. Groups like Anonymous, for example, are infamous for their numbers and herd mentality when it comes to attacking a given target, their numbers adding stealth to any individual black hat, script kiddie, or casual 4chan user who wants to partake in one of their pranks. Ironically, the home base of Anonymous—4chan.org—is a prime target of DDoS attacks as well.
By nature, a DDoS attack is stealthy because it requires stealth in the first place, or else no one would bother with it at all. After all, the victims of these attacks are usually large and powerful conglomerates.
It's certainly foolhardy to use a hacking technique that leaves you vulnerable to capture and criminal charges.
DDoS attacks are also hard to detect because their packets have the traits of normal traffic.
Critical infrastructure sectors and multinational companies have tried a variety of defense and detection algorithms to mitigate this problem.
For example, there's the entropy-based intrusion detection approach that readily recognizes abnormal situations within a network's channels.
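The entropy-based approach mentioned above can be sketched as follows. This is an added example, not code from the original article: it computes the Shannon entropy of source and destination addresses per time window and flags windows that deviate from a baseline. The window length, the threshold k, the min_sigma floor, the function names and the sample traffic (documentation-range addresses) are all assumptions constructed for illustration.

```python
import math
from collections import Counter
from statistics import mean, stdev

def shannon_entropy(values):
    """Shannon entropy, in bits, of the empirical distribution of values."""
    counts = Counter(values)
    total = sum(counts.values())
    return -sum((c / total) * math.log2(c / total) for c in counts.values())

def window_entropies(packets, window=10.0):
    """Map window index -> (source-IP entropy, destination-IP entropy)."""
    buckets = {}
    for ts, src, dst in packets:
        buckets.setdefault(int(ts // window), []).append((src, dst))
    return {w: (shannon_entropy([s for s, _ in recs]),
                shannon_entropy([d for _, d in recs]))
            for w, recs in sorted(buckets.items())}

def flag_anomalies(entropies, baseline, k=3.0, min_sigma=0.05):
    """Windows outside the baseline whose entropy is > k sigma from its mean."""
    flagged = set()
    for feature in (0, 1):  # 0 = source addresses, 1 = destination addresses
        base = [entropies[w][feature] for w in baseline]
        # Floor sigma (assumed value) so a perfectly flat baseline still works
        mu, sigma = mean(base), max(stdev(base), min_sigma)
        flagged |= {w for w, h in entropies.items()
                    if w not in baseline and abs(h[feature] - mu) > k * sigma}
    return sorted(flagged)

def sample_traffic():
    """Constructed records (timestamp, src, dst); window 3 contains a flood."""
    pkts = []
    for w in range(4):  # normal load: 8 clients spread over 4 servers
        for i in range(40):
            pkts.append((w * 10 + i * 0.25,
                         f"203.0.113.{i % 8}", f"192.0.2.{10 + i % 4}"))
    for j in range(400):  # flood: 200 sources converge on one server
        pkts.append((30 + (j % 40) * 0.25,
                     f"198.51.100.{j % 200}", "192.0.2.10"))
    return pkts

if __name__ == "__main__":
    ent = window_entropies(sample_traffic())
    for w, (h_src, h_dst) in ent.items():
        print(f"window {w}: H(src)={h_src:.2f} bits  H(dst)={h_dst:.2f} bits")
    print("anomalous windows:", flag_anomalies(ent, baseline=[0, 1, 2]))
```

In the constructed flood window, source-address entropy rises (many distinct senders) while destination-address entropy falls (traffic converges on one host), even though each individual packet looks normal.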