Overview
...
Types of Attacks
Volume Based Attacks –The attacker’s try to saturate the bandwidth of the targets flooding it with a huge quantity of data, the category includes ICMP floods, UDP floods and other spoofed-packet floods. This type of attack is very common and very simple to realize thanks to the huge quantity of tools available for free on the Internet, the technique is very popular in the hacktivist underground. Volume Based Attacks magnitude is measured in bits per second (Bps)
Protocol Attacks –The attacker’s goal is to saturate server resources of the targets or those of intermediate communication equipment (e.g. Load balancers) exploiting network protocol flaw. The category includes SYN floods, Ping of Death, fragmented packet attacks, Smurf DDoS and more. The Protocol Attacks magnitude is measured in Packets per second.
Application Layer Attacks – The attackers target HTTP trying to exhaust the resource limits of Web services. Application Layer Attacks target specific Web applications flooding them with a huge quantity of requests that saturate target’s resources. Application Layer attacks are hard to detect because they don’t necessarily involve large volumes of traffic and require fewer network connections with respect to other types of DDoS techniques. Some example of Application Layer DDoS attacks is Slowloris, and DDoS attacks that target Apache, Windows, or OpenBSD vulnerabilities. Application Layer Attacks magnitude is measured in Requests per second.
Layer 7
http://ddosattackprotection.org/blog/layer-7-ddos-attack/
A Layer 7 DDoS attack uses the seventh protocol of the OSI Model to target the application interface, in the process mimicking real, human behavior that is harder to detect and mitigate.
https://blog.sucuri.net/2014/02/layer-7-ddos-blocking-http-flood-attacks.html
Attack sample.
References
Amazon White Paper- https://d0.awsstatic.com/whitepapers/DDoS_White_Paper_June2015.pdf