DDoS Attack Types

Web Applications


What does this mean for DDoS?

A distributed denial of service attack (DDoS) is a Denial of Service (DoS) subclass attack. DDoS attacks involve multiple online connected devices, known together as a botnet, used to overwhelm fake traffic on a target website.

DDoS attacks, unlike other forms of cyber threats, do not try to penetrate the security perimeter. They seek instead to render your servers and website inaccessible to legitimate users. Also, DDoS attacks can be used as a smokescreen for other forms of malicious activities and to take down security equipment to break the security perimeter of the target. Effective DDoS attacks are highly prominent incidents that impact a whole base of online users. That makes it a common option weapon for cyber vandals, extortors, hacktivists and others who want to make a point.

DDoS attacks can last for weeks, days, and even months, which makes them highly damaging. In the worst cases, DDoS attacks can lead to revenue loss, weaken consumer confidence, cause long-term damage to reputation, and force businesses to spend huge amounts on compensation.

Popular DDoS Attacks

UDP Flood

The User Datagram Protocol ( UDP) is a networking protocol which is sessionless. In this type of attack, random ports are attacked with UDP packets to a network or computer.

SYN Flood

SYN Flood is a DDoS attack which exploits TCP link sequence vulnerabilities, known as a three-way handshake. The host machine receives a Synchronized (SYN) message to initiate the “handshake.” The message is recognized by the server that sends an acknowledgement (ACK) flag to the initial host, which closes the connection afterwards. Nevertheless, spoofed messages are sent in a SYN flood, and the link does not close, shutting down operation.

HTTP Flood

HTTP Flood appears to be allowed to use GET or POST requests which a hacker exploits. This attack using DDoS requires less bandwidth than other types of attacks, but it can force the server to use the maximum resources.

Ping of Death

Ping of Death is a type of DDoS attack that can manipulate IP protocols by transmitting malicious pings to a system. This DDoS attack was popular decades ago but today it is less effective.

Smurf Attack

A Smurf Attack is responsible for using a malware program known as smurf to exploit Internet Protocol ( IP) and the Internet Control Message Protocol ( ICMP). It spooofs an IP address and then pinges IP addresses on a specified network using ICMP.

Fraggle Attack

This attack from the DDoS uses massive quantities of UDP traffic to the broadcast network of a router. It is similar to a smurf attack but instead of using ICMP, it uses UDP.

Application-Level Attacks

By exploiting vulnerabilities in applications, this form of DDoS attack doesn’t go after the entire server, just apps with known weaknesses.


Slowloris targets the web server and takes advantage of minimal resources. With HTTP flooding, Slowloris holds the link open for as long as possible after connecting with its desired target.

Advanced Persistent DoS (APDoS)

Hackers who try to inflict severe harm use Advanced Persistent DoS (APDoS). These attacks can last for weeks, usually because the hacker rapidly changes tactics and creates diversions to escape security defenses.

NTP Amplification

NTP Amplification is an amplified reflection attack which exploits Network Time Protocol (NTP) servers to overwhelm UDP traffic, a network protocol used to synchronize computer clocks. It is “amplified,” because the server ‘s response to the original question is disproportionate.

Zero-day DDoS Attacks

Zero-day DDoS attack is the name given to new methods of attacking DDoS which can exploit vulnerabilities that have not been patched yet.