A Distributed Denial-of-Service (DDoS) attack is a cybercrime in which the attacker floods a server with internet traffic to prevent users from accessing connected online services and sites.
These attacks are carried out by disgruntled individuals and hacktivists who want to take down a company’s servers simply to make a statement, have fun by exploiting cyber weaknesses, or express disapproval.
In general, DDoS attacks can be classified by the layer of the Open Systems Interconnection (OSI) model they attack. They are most common at the Network (Layer 3), Transport (Layer 4), Presentation (Layer 6) and Application (Layer 7) layers.
DDoS Attack Classification
When thinking about mitigation techniques against these attacks, it is useful to group them as Infrastructure Layer (Layers 3 and 4) and Application Layer (Layers 6 and 7) attacks.
Infrastructure Layer Attacks
These are attacks at Layers 3 and 4. They are also the most common type of DDoS attack and include vectors like synchronize (SYN) floods and other reflection attacks like User Datagram Protocol (UDP) floods.
These attacks are usually large in volume and aim to overload the capacity of the network or the application servers. But fortunately, these are also the type of attacks that have clear signatures and are easier to detect.
Application Layer Attacks
These are attacks at Layers 6 and 7. They are more sophisticated and typically small in volume compared to the other attacks, but they tend to focus on particularly expensive parts of the application, thereby making it unavailable for real users.
For instance, a flood of HTTP requests to a login page, or an expensive search API, or even WordPress XML-RPC floods (also known as WordPress pingback attacks).
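Because application layer floods are small in total volume, detection works better per endpoint than per link. The following is an added example, not part of the original page: it scans web access logs for short time windows in which one expensive path receives an unusual number of requests. The Common Log Format input, the path list, the 10-second window and the threshold of 20 requests are all assumptions chosen for illustration, and the log lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime

# Assumed list of costly endpoints, based on the examples in the text
# (login page, search API, WordPress XML-RPC). Adjust to the application.
EXPENSIVE_PATHS = {"/login", "/api/search", "/xmlrpc.php"}

# Common Log Format prefix: client, timestamp, method, path.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)')

def parse(line):
    m = LOG_RE.match(line)
    if not m:
        return None  # skip malformed lines instead of failing
    ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
    return m.group(1), ts, m.group(3), m.group(4).split("?", 1)[0]

def find_floods(lines, window_s=10, max_requests=20):
    """Return [(path, window_start_epoch, requests, distinct_clients)] for
    windows in which an expensive path got more than max_requests hits."""
    buckets = defaultdict(lambda: [0, set()])
    for line in lines:
        rec = parse(line)
        if rec is None or rec[3] not in EXPENSIVE_PATHS:
            continue
        client, ts, _method, path = rec
        start = int(ts.timestamp()) // window_s * window_s
        b = buckets[(path, start)]
        b[0] += 1          # aggregate count: each source may send very little
        b[1].add(client)   # distinct sources show how distributed it is
    return sorted((p, s, n, len(c)) for (p, s), (n, c) in buckets.items()
                  if n > max_requests)

def sample_log():
    """Constructed sample: 30 XML-RPC POSTs from 30 clients, plus normal traffic."""
    lines = []
    for i in range(30):
        lines.append(f'198.51.100.{i + 1} - - [10/Mar/2024:12:00:{i % 10:02d} +0000] '
                     f'"POST /xmlrpc.php HTTP/1.1" 200 370')
    for i in range(40):
        lines.append(f'203.0.113.{i + 1} - - [10/Mar/2024:12:00:{i % 60:02d} +0000] '
                     f'"GET /index.html HTTP/1.1" 200 5120')
    lines.append('203.0.113.9 - - [10/Mar/2024:12:00:05 +0000] "POST /login HTTP/1.1" 302 0')
    return lines

if __name__ == "__main__":
    for path, start, n, clients in find_floods(sample_log()):
        print(f"{path}: {n} requests from {clients} clients in window starting {start}")
```

In the sample, the ordinary page views outnumber the XML-RPC requests, and each source sends only one request, so neither total volume nor a per-client rate limit would stand out; the per-endpoint count does.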
FAQ:
Can one protect against DDoS attacks? Yes, there are DDoS protection techniques.