Amplified, Volumetric, Reflected, Application

Amplified DDoS Attack:

An Amplified DDoS attack uses an amplification factor to generate a high volume of traffic to the target server. Attackers send small requests to an amplifying service, such as DNS servers, that responds with much larger responses. The attacker spoofs the source address of these requests to make it look like they originated from the victim’s IP address, causing the amplifying service to send large responses to the target, overwhelming it with traffic.

Volumetric DDoS Attack:

A Volumetric DDoS attack aims to consume the bandwidth of the target network or service by sending a massive amount of data, typically measured in Gbps (Gigabits per second) or PPS (Packets per second). These attacks flood the network infrastructure with excessive traffic, effectively choking the bandwidth and causing legitimate traffic to be dropped or severely delayed.

Reflected DDoS Attack:

A Reflected DDoS attack involves sending requests to legitimate servers with the source IP address spoofed to be that of the target. The legitimate servers then send their responses to the target IP, overwhelming it with the volume of responses. This type of attack often uses services like DNS or NTP (Network Time Protocol) to reflect and amplify the traffic towards the target.

Application DDoS Attack:

An Application DDoS attack targets the application layer (Layer 7 of the OSI model) with the intent of exhausting the server’s resources or overwhelming the application itself. These attacks mimic legitimate user behavior and target specific functionalities or APIs of the application, making them harder to detect and mitigate. Examples include HTTP floods, where an attacker sends numerous HTTP requests to exhaust the server’s processing capacity.

Summary:

• Amplified DDoS Attack: Leverages amplification factors from other services to generate massive traffic towards the target.

• Volumetric DDoS Attack: Floods the target with an overwhelming amount of data to consume its bandwidth.

• Reflected DDoS Attack: Spoofs the target's IP address in requests to legitimate servers, causing those servers to send large volumes of responses to the target.

• Application DDoS Attack: Targets specific application functions to exhaust resources at the application layer, often mimicking legitimate user traffic.