There are mainly three types of DDoS attacks:
Application Layer Attacks
It is also called a layer 7 DDoS attack. Its primary aim is exhaust system resources making them unavailable for legitimate users. The attacker runs multiple HTTP requests and drain the available system resources and make the server unavailable to process the requests. It is also called as HTTP flood attack.
Protocol attacks, also called state-exhaustion attacks, target the state table capacity of the server or resources like load balancers and firewalls. As an example, the SYN flood attack exploits the TCP handshake protocol by sending a large number of TCP SYN packets to initiate “Initial Connection Request” with the victim. These packets have forged source IP addresses. The victim machine sends response to every coming connection request and waits for the next packet of handshake data indefinitely. As a result all the resources are exhausted in this process.
Here the attacker play on the bandwidth of the server and generates huge traffic thereby saturating the server bandwidth. An example of this type of this attack is “DNS Amplification Attack”. Here the attacker sends requests to DNS server with spoofed IP address (victim’s IP address), as a result the victim IP address start receiving large amount of response from the server which was meant for attacker.