Modern methods of preventing DDoS attacks and protecting web servers

• Published in: Программные системы и вычислительные методы no. 2; pp. 190 - 203
• Main Authors: Kozyreva, Nadezhda Ivanovna, Muhtulov, Mihail Olegovich, Ershov, Sergei Aleksandrovich, Novoseltseva, Sofiya Vladimirovna, Akhmadullin, Dinar Ayratovich
• Format: Journal Article
• Language: English
• Published: 01.02.2025
• ISSN: 2454-0714; 2454-0714
• DOI: 10.7256/2454-0714.2025.2.73667

The object of the study is modern methods and technologies for protecting web servers from distributed denial of service (DDoS) attacks. The subject of the research covers current strategies for preventing and mitigating DDoS threats, including a detailed classification of attacks by types and vectors of impact. Special attention is paid to the mechanisms of DDoS attack effects on information systems, addressing both the technical aspects of operational disruptions and their consequences for business processes. The field of study analyzes modern technological protection solutions: Anycast routing, rate limiting, behavioral analysis systems for network traffic, and CAPTCHA mechanisms. Additionally, the integration of innovative approaches with traditional cybersecurity tools—such as firewalls, intrusion prevention systems (IPS), and protective proxy servers—is explored. The relevance of the research is determined by the rapid digitization and exponential growth in the complexity of cyberattacks, making the issue of DDoS protection critically important for ensuring the resilience of web infrastructures. The methodology includes an analysis of DDoS attacks at the network, transport, and application levels, assessing their impact on IT systems. Modern protective technologies are examined, including anomaly detection systems, load balancing, ML traffic filtering, and cloud solutions. Special attention is given to the adaptability and scalability of protection. The scientific novelty of the work lies in a comprehensive analysis of the economic and technical aspects of countering DDoS threats, including an assessment of the cost and effectiveness of various solutions for businesses of different scales. The research offers practical recommendations for building multi-layered protection that combines innovative approaches (machine learning, cloud services) with proven methods (firewalls, IPS). An analysis of real cases demonstrates the effectiveness of adaptive strategies against modern complex attacks. The conclusions emphasize the need for a proactive approach to security that considers both technological and organizational protective measures. The results obtained have practical value for cybersecurity specialists, system administrators, and developers of protective solutions, providing them with a methodological basis for creating DDoS-resistant web infrastructures. The work also outlines promising directions for further research in the field of intelligent detection and neutralization systems for attacks.