Question

What is the difference between a Denial of Service (DoS) and a Distributed Denial of Service (DDoS) attack?

Hint:

{DoS = One attacker.
{DDoS = Many attackers working together (botnet).

Answer 1

Concept: Both DoS and DDoS attacks aim to make a website, server, or network unavailable by overwhelming it with excessive traffic or requests. The main difference lies in the number of sources and the scale of the attack. Step 1: {\color{red}Denial of Service (DoS) Attack}
A DoS attack:

• Originates from a single machine or IP address
• Floods the target with traffic or requests
• Exhausts system resources (CPU, memory, bandwidth)

It is relatively easier to detect and block since the source is limited.
Step 2: {\color{red}Distributed Denial of Service (DDoS) Attack}
A DDoS attack:

• Comes from multiple compromised systems
• Often uses a botnet (network of infected devices)
• Generates massive, distributed traffic

This makes it highly difficult to mitigate or trace.
Step 3: {\color{red}Key Differences}

• Source: DoS = single source, DDoS = multiple distributed sources
• Scale: DDoS is larger and more destructive
• Detection: DoS is easier to block; DDoS requires advanced mitigation tools

Step 4: {\color{red}Impact}
Both attacks can:

• Disrupt online services
• Cause financial loss
• Damage reputation

However, DDoS attacks are generally more severe due to their distributed nature.