IDP Application-Level DDoS Attack Overview

The intent of an application-level DDoS attack is to overwhelm the targeted server, such as a DNS or HTTP servers, so it can not perform it’s intended services. This is done by making a tremendous amount of application requests from malicious bot clients that often use spoofed IP addresses.

Application-level DDoS attacks are different than traditional Layer 3 and Layer 4 DDoS attacks, such as a SYN flood. From a Layer 3 and Layer 4 perspective, the attack can appear as legitimate transactions. Traditional Layer 3 and Layer 4 DDoS solutions can only rate limit these attacks and begin the application transactions, instead of denying the attacks.

Related Topics

• Junos OS Feature Support Reference for SRX Series and J Series Devices
• IDP Policies Overview
• Understanding IDP Application-Level DDoS Rulebases
• IDP Application-Level DDoS Protection Overview
• Example: Enabling IDP Protection Against Application-Level DDoS Attacks (CLI)