Almost all DDoS attacks aim to take a target device or network out of service by overloading it with traffic. Attackers may use one or more attack vectors against the targeted servers or networks, and may keep the attack going by cycling through those vectors. DDoS attacks are classified into three main categories:
Application layer attacks
Protocol attacks
Volumetric attacks
Application Layer Attacks: Sometimes also called layer 7 DDoS attacks (referring to Layer 7 of the OSI model), these attacks aim to completely exhaust the target's resources in order to create a denial of service.
The attacks target the application layer, where web pages are generated on the server and delivered in response to HTTP requests. HTTP flood attacks are an example of this category. In this attack, a large number of HTTP requests flood the server, system resources such as RAM and CPU are consumed, and the result is a denial of service.
Protocol Attacks: Also known as state exhaustion attacks, protocol attacks cause service disruption by over-consuming the resources of servers or of network equipment such as firewalls and load balancers. They use weaknesses in layer 3 and layer 4 of the protocol stack to make the target inaccessible.
SYN Flood is an example of this type of attack. By sending a large number of TCP SYN packets with spoofed source IP addresses, the attacker abuses the TCP handshake, the communication sequence by which two computers initiate a network connection. The target machine responds to each connection request and then waits for the final step of the handshake, which never occurs. Each waiting connection consumes CPU and RAM and fills up the system. Eventually the target's resources are exhausted and it becomes unable to respond.
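The half-open state described above is what a defender can measure. The following is an added example, not part of the original article: it counts handshakes still awaiting the final ACK in constructed records. The record format, the backlog size of 128 and the 0.8 ratio threshold are assumptions made for illustration.

```python
# Added example: spot SYN-flood symptoms from handshake records.
# Record format (timestamp, source IP, source port, TCP flag seen by the
# server) is an assumption for this example, not a real log format.

def half_open(events, now, timeout=30.0):
    """Return {(src, sport): syn_time} for handshakes awaiting the final ACK."""
    pending = {}
    for ts, src, sport, flag in sorted(events):
        key = (src, sport)
        if flag == "SYN":
            pending[key] = ts          # server replies SYN-ACK and waits
        elif flag == "ACK":
            pending.pop(key, None)     # handshake completed, state released
    # Entries older than the timeout would already have been dropped.
    return {k: t for k, t in pending.items() if now - t <= timeout}

def assess(events, now, backlog=128, ratio_alert=0.8):
    """Summarise backlog pressure and the share of SYNs never completed."""
    pending = half_open(events, now)
    syns = sum(1 for e in events if e[3] == "SYN")
    ratio = len(pending) / syns if syns else 0.0
    return {
        "half_open": len(pending),
        "distinct_sources": len({src for src, _ in pending}),
        "incomplete_ratio": round(ratio, 2),
        "backlog_full": len(pending) >= backlog,
        "alert": len(pending) >= backlog or ratio >= ratio_alert,
    }

def sample_events():
    """Constructed sample: 3 normal clients, then 200 SYNs never completed."""
    events = []
    for i in range(3):                 # legitimate, completed handshakes
        events.append((1.0 + i, f"192.0.2.{10 + i}", 40000 + i, "SYN"))
        events.append((1.1 + i, f"192.0.2.{10 + i}", 40000 + i, "ACK"))
    for i in range(200):               # source address differs per packet
        events.append((5.0 + i * 0.01, f"198.51.100.{i % 250 + 1}", 1024 + i, "SYN"))
    return events

if __name__ == "__main__":
    print(assess(sample_events(), now=10.0))
```

A high count of half-open entries spread across many distinct sources, with almost no completed handshakes, is the pattern that separates this attack from a busy but healthy server.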
Volumetric Attacks: This category of attack tries to obstruct the system's communication by consuming all available bandwidth between the target and the Internet. By directing a large amount of traffic at the target, whether through a large amount of data, a form of amplification or requests from a botnet, the attacker completely fills the network capacity that provides the target's internet connection.
DNS amplification attacks are an example of this type of attack. With very little effort, a long response is generated and sent to the victim server. At some point, the victim server is exposed to so much network traffic that it cannot respond to incoming requests.