DDoS Attacks and Mitigation

  1. Classification of DDoS Attacks
    1. Volumetric Attacks (Bandwidth Saturation)
      1. Attack Goals and Objectives
        1. UDP Flood Attacks
          1. Random Port Targeting Techniques
            1. Reflection and Amplification Methods
            2. ICMP Flood Attacks
              1. Ping Flood Variations
                1. Smurf Attack Mechanisms
                2. Amplification-Based Attacks
                  1. Third-Party Server Exploitation
                    1. Response Multiplication Techniques
                  2. Protocol Attacks (State-Exhaustion)
                    1. Resource Consumption Objectives
                      1. SYN Flood Attacks
                        1. Incomplete Handshake Exploitation
                          1. Connection Table Exhaustion
                          2. Ping of Death Attacks
                            1. Oversized Packet Transmission
                              1. Buffer Overflow Exploitation
                              2. Smurf Attack Variations
                                1. ICMP Broadcast Amplification
                                  1. Network-Level Amplification
                                  2. Fragmentation Attacks
                                    1. Overlapping Fragment Techniques
                                      1. Reassembly Resource Exhaustion
                                    2. Application Layer Attacks (Layer 7)
                                      1. Application Resource Targeting
                                        1. HTTP Flood Attacks
                                          1. GET Request Floods
                                            1. Repeated Resource Requests
                                              1. Cache Bypass Techniques
                                              2. POST Request Floods
                                                1. Large Payload Submissions
                                                  1. Form Data Exploitation
                                                2. Slow-Rate Attack Techniques
                                                  1. Slowloris Attacks
                                                    1. Partial HTTP Request Maintenance
                                                      1. Connection Pool Exhaustion
                                                      2. R.U.D.Y. (R-U-Dead-Yet?) Attacks
                                                        1. Slow POST Data Transmission
                                                          1. Application Thread Exhaustion
                                                        2. Low and Slow Attack Methods
                                                          1. Connection Holding Strategies
                                                            1. Resource Starvation Techniques
                                                            2. API-Based Attacks
                                                              1. Web API Targeting
                                                                1. Automated Request Generation

                                                            Previous

                                                            3. Anatomy of a DDoS Attack

                                                            Go to top

                                                            Next

                                                            5. DDoS Attack Infrastructure