Distributed Denial of Service (DDoS) Attack

Sec+ Glossary 📖 • Network Attacks🎯 • Threats ⚠️ • Network Security 🌐 • Security+ 02 • Difficulty: free

What is Distributed Denial of Service (DDoS) Attack?

A DDoS attack attempts to make a service unavailable by overwhelming it with traffic or resource-intensive requests from many distributed sources. The goal is to exhaust bandwidth, server capacity, or application resources so legitimate users cannot access the service.

Examples

An online store receives a sudden flood of traffic from thousands of compromised devices, saturating its internet connection and causing timeouts for real customers.
A gaming service is hit with repeated UDP floods that overwhelm network devices, forcing the provider to reroute traffic through a scrubbing service.

Discover 🔎

DDoS attacks are about disruption rather than stealing data. They target availability by drowning a service in traffic or requests until something breaks. Because the traffic comes from many sources, blocking a single IP address does not solve the problem. This makes DDoS a common threat for public websites, online services, and any system that must be reachable from the internet.

Remember: DoS is one source. DDoS is many sources. The “distributed” part is what makes it harder to stop with simple blocking.

Summary 📝

A DDoS attack targets availability by overwhelming a service with distributed traffic. Attacks can flood bandwidth, exhaust infrastructure, or overload applications, often using amplification to multiply power. Effective defense relies on layered resilience: CDN and WAF for web traffic, rate limiting and autoscaling for capacity, and upstream mitigation to stop floods before they saturate your network.

Open the interactive lesson Browse more topics

Tip: The interactive version includes progress tracking, decks, and premium deep dives.