Distributed Denial of Service attacks overwhelm your infrastructure:
Attack types:
- Volumetric: Flood bandwidth (UDP floods)
- Protocol: Exhaust server resources (SYN floods)
- Application: Target specific endpoints (HTTP floods)
Defenses:
- CDN: Absorbs traffic at the edge, close to where the attack traffic originates
- Rate limiting: Drop excessive requests
- Geographic filtering: Block traffic from unexpected regions
- Anycast: Distribute traffic across multiple data centers
Cloud providers: AWS Shield, Cloudflare, Akamai. They have more bandwidth than attackers.
Application layer: Most dangerous. Looks like legitimate traffic. Requires behavior analysis.
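
Added example (not from the original notes): a per-client token bucket, one common way to implement the "Rate limiting: Drop excessive requests" defense above. The class name, the parameters `rate`, `burst` and `max_clients`, and the sample traffic are assumptions made for illustration; the policy of refusing new clients when the state table is full is one design choice, not the only one.

```python
import time

class TokenBucketLimiter:
    """Per-client token bucket: `rate` req/s sustained, up to `burst` at once."""

    def __init__(self, rate, burst, clock=time.monotonic, max_clients=100_000):
        self.rate, self.burst = float(rate), float(burst)
        self.clock = clock
        self.max_clients = max_clients
        self.buckets = {}  # client_id -> [tokens, last_seen]

    def allow(self, client_id):
        now = self.clock()
        bucket = self.buckets.get(client_id)
        if bucket is None:
            if len(self.buckets) >= self.max_clients:
                self._evict_idle(now)
            if len(self.buckets) >= self.max_clients:
                return False  # state table full: shed new clients rather than grow
            bucket = self.buckets[client_id] = [self.burst, now]
        tokens, last_seen = bucket
        # Refill for the time elapsed since the last request, capped at burst.
        tokens = min(self.burst, tokens + (now - last_seen) * self.rate)
        allowed = tokens >= 1.0
        bucket[0] = tokens - 1.0 if allowed else tokens
        bucket[1] = now
        return allowed

    def _evict_idle(self, now):
        # A bucket idle long enough to refill completely holds no useful state.
        refill_time = self.burst / self.rate
        for cid in [c for c, b in self.buckets.items() if now - b[1] >= refill_time]:
            del self.buckets[cid]

def simulate(events, rate=5, burst=10):
    """Replay (timestamp, client) pairs; return {client: [allowed, dropped]}."""
    now = [0.0]
    limiter = TokenBucketLimiter(rate, burst, clock=lambda: now[0])
    stats = {}
    for ts, client in sorted(events):
        now[0] = ts
        counts = stats.setdefault(client, [0, 0])
        counts[0 if limiter.allow(client) else 1] += 1
    return stats

# Constructed traffic (documentation addresses): one flooder, one normal client.
SAMPLE = ([(i * 0.01, "203.0.113.7") for i in range(200)]   # 100 req/s for 2 s
          + [(i * 0.5, "198.51.100.4") for i in range(4)])  # 2 req/s
```

Calling `simulate(SAMPLE)` replays the constructed traffic: the flooding client gets its burst plus the sustained rate and the rest is dropped, while the normal client is untouched. Keying on source address alone does not stop a flood spread thinly across many sources, which is why the application-layer case calls for behavior analysis.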