A Distributed Denial of Service (DDoS) attack aims to overwhelm a server or network with traffic, making it unavailable to real users.
Volumetric Attacks (Layer 3/4)
These attacks try to consume all available bandwidth. UDP Floods and DNS Amplification are common examples. The goal is to saturate the pipe so legitimate traffic simply can't fit.
Application Layer Attacks (Layer 7)
These are much sneakier. Instead of sending raw traffic, the attacker sends complex HTTP requests (like searching a database) that consume CPU and RAM on the backend server with very little bandwidth.
How Mitigation Works
Services like Cloudflare use Scrubbing Centers to inspect incoming traffic, dropping automated bot requests while letting real human users through.