Flooding: from harmless noise to cyberattack

24.03.2025

Ruslan Rakhmetov, Security Vision


Everyone who has ever used the Internet has encountered flooding. Whether it's intrusive chat messages or an attack on your favourite website, flooding is a real problem that needs attention. In this article, we'll share practical tips and expert advice on defending against flooding, based on years of experience in information security.


Flooding is the intentional clogging of information space with redundant, repetitive or meaningless messages. In the context of IS and IT, flooding can take many forms, which we will explore below. Flooding as a phenomenon emerged with the development of the Internet: from the first forums to modern social networks, it has evolved, taking on ever newer forms. In this article we will trace the history of flooding, consider its transformation and analyse modern methods of combating it. Flooders are individuals who deliberately engage in flooding. They may have different purposes: some flooders do it for fun, others to disrupt online services or to sabotage online platforms, forums or chat rooms, and in some cases flooding is part of a larger cyberattack aimed at disabling a target system. Flooding can also be used to spread unwanted adverts or spam, which we discussed earlier.


Depending on the goals and methods of implementation, flooding can slow down network devices, servers and applications, or cause a complete denial of service of the target resource (DDoS attack). In some cases, flooding can be used to divert attention from other malicious activities, such as data theft, or it can damage the reputation of a company or organisation. We will therefore look at the main types of this malicious activity and discuss ways to protect yourself.


Flooding as a phenomenon has many forms and manifestations in various online environments:


     - Message flooding is the most common type of flooding. It consists of sending a large number of identical or meaningless messages in chat rooms, forums, messengers and other platforms. A variation of message flooding is offtopic, that is, posting messages unrelated to the topic of discussion. The results of this activity are the clogging of information space, which makes communication impossible and causes important messages to be lost in the flow of rubbish, reduced performance of chat rooms and forums, and possible DDoS attacks on chat rooms if the flooding is organised with the help of bots.


     - Nick flooding involves a user frequently changing nicknames or creating a large number of bots that fill the chat room. It causes confusion among chat participants, makes it impossible to identify users, and creates chaos and disorganisation.


     - Smile flooding is clogging the chat room with a large number of smileys, which makes it difficult to perceive information, distracts from communication and reduces the concentration of chat participants.


     - Wipe flood is the creation of a large number of empty or meaningless threads on forums or other platforms, making it difficult to find important information and creating a sense of clutter.
 

     - Microflood involves the use of voice communication, such as broadcasting extraneous sounds or music in voice chats. It can be used for trolling, provocation and distraction from the topic of conversation.


     - Flame is an exchange of messages in Internet forums and chat rooms that amounts to a war of words, often unrelated to the original topic. This type of flood often includes insults and personal attacks and creates a conflictual atmosphere.
 

We have discussed the main types of flooding and the consequences of its use by participants in communication, so let's focus on ways to protect and reduce the risks, which can be divided into two categories: technical and organisational.


1) Technical measures include traffic filtering, speed control, noise cancellation and content filtering.


Firewalls (NGFW) control incoming and outgoing network traffic, blocking suspicious requests and data packets, like a door filter that lets only the right people in and blocks unwanted guests. Intrusion Detection and Prevention Systems (IDS, IPS) analyse network traffic for anomalies and malicious activity, blocking attacks in real time, like an alarm system that detects suspicious activity and warns of possible danger. Content Delivery Networks (CDNs) distribute the load on servers, like a network of warehouses located in different locations (e.g., the way Yandex Love Shop works) so that goods are delivered faster and more evenly, reducing the risk of overload and protecting against DDoS attacks. All these measures are particularly effective against DoS attacks that aim to overload servers and network resources.



Content filtering (automatic removal of repetitive messages, smileys, empty threads, and other types of unwanted content) helps keep chat rooms and forums clean, protecting against message, smile and wipe flooding. Filtering works like a sieve for sifting flour: it sifts out unwanted rubbish. Noise cancellation (using software to reduce noise in voice chats) helps prevent microflood and works like the same feature in noise-cancelling headphones. Experts also apply various restrictions on how often messages or requests can be sent from a single IP address, which works like a water regulator on a tap that limits the flow to avoid overflowing.
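The per-sender frequency limit and the content filters described above can be combined in one check. The following is an added example, not code from the article or from Security Vision; the `FloodFilter` class, its method names and all thresholds are assumptions chosen for illustration, and the smiley check counts Unicode emoji only, not text smileys such as `:)`.

```python
import time
import unicodedata
from collections import defaultdict, deque


class FloodFilter:
    """Per-sender anti-flood checks: token-bucket rate limit plus content filters."""

    def __init__(self, rate=1.0, burst=5, repeat_window=10, max_symbol_ratio=0.5):
        self.rate = rate                  # tokens refilled per second (assumed value)
        self.burst = burst                # bucket capacity, i.e. allowed burst size
        self.max_symbol_ratio = max_symbol_ratio
        self.buckets = {}                 # sender (IP or account) -> (tokens, last_seen)
        self.recent = defaultdict(lambda: deque(maxlen=repeat_window))

    @staticmethod
    def _normalize(text):
        # Fold case, Unicode form and whitespace so trivial variations still match.
        return " ".join(unicodedata.normalize("NFKC", text).casefold().split())

    @staticmethod
    def _symbol_ratio(text):
        # Share of non-space characters that are symbols (emoji are category "So").
        chars = [c for c in text if not c.isspace()]
        symbols = sum(1 for c in chars if unicodedata.category(c).startswith("S"))
        return symbols / len(chars) if chars else 0.0

    def check(self, sender, text, now=None):
        """Return 'allow' or the reason the message is rejected."""
        now = time.monotonic() if now is None else now
        tokens, last = self.buckets.get(sender, (float(self.burst), now))
        tokens = min(self.burst, tokens + (now - last) * self.rate)  # refill the bucket
        if tokens < 1:
            self.buckets[sender] = (tokens, now)
            return "rate_limited"
        self.buckets[sender] = (tokens - 1, now)   # every attempt costs one token
        norm = self._normalize(text)
        if not norm:
            return "empty"
        if self._symbol_ratio(norm) > self.max_symbol_ratio:
            return "smile_flood"
        if norm in self.recent[sender]:
            return "repeat"
        self.recent[sender].append(norm)
        return "allow"
```

Rejected messages still consume a token, so a sender who keeps submitting filtered content runs into the rate limit as well.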


CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) tests, which allow you to distinguish between humans and bots (like an attention test), deserve special attention when considering systems to protect against flooding. Using CAPTCHA helps prevent bots from automatically sending messages, which reduces the risk of message flooding.
 

2) Organisational measures include user outreach and various processes for organising healthy communication in chat rooms, forums and social networks.


Moderation is an effective way to protect against all types of flooding. It involves enforcing the rules of a forum or chat room and removing violations: like concierges in a hotel who keep order and solve problems, moderators can remove flooding, block flooders, and use other measures to maintain order. Forum/chat rules help to create a comfortable atmosphere for communication and prevent misconduct, and work like rules of behaviour in public places in the physical world, such as a library. Warnings and penalties help maintain order and prevent repeat offences and can include temporary or permanent account lockout. They work like traffic fines.


Creating threaded sections for communication on different topics helps prevent offtopic and makes communication more organised. Just as property developers and interior designers separate rooms in a house by purpose (e.g. kitchen, bedroom, living room), admins can divide all communication into topics. A rating system assesses users' reputation based on their activity on the forum or in chat: users with a bad reputation can be restricted. It works like product reviews in an online shop, which help to assess quality and choose a supplier.

 
Mandatory registration on platforms helps to clearly separate users' activities and deserves separate attention, although it is applied almost everywhere. It reduces anonymity and increases the responsibility of users for their actions, like passport control at the airport, which allows identifying each person.


Flooding, as we have seen, is a multidimensional problem that requires a comprehensive approach. From technical protection measures to organisational strategies and user awareness, the fight against flooding is an ongoing process that requires constant attention and adaptation to new challenges. Only by working together can we create a safer and more comfortable online space for everyone.
 

As technology evolves and new platforms emerge, flooding will continue to evolve, taking on new forms. Therefore, it is important to not only apply existing methods of protection, but also to constantly look for innovative approaches to combat this phenomenon. The future of online communication depends on our ability to create a sustainable and safe environment for sharing information.

 
