Application Level Attack
As the name itself suggests, the aim of this attack is not the exhaustion of the transmission line capacity, but an attack on a specific application. This type of attack is also referred to as a Layer 7 DDoS Attack. The attacker overloads the victim’s specific functions or functions on the application layer of the ISO/OSI model. It focuses on the part of the application that takes the most time to process the server and has a large number of requests. Over time, the server reaches a state where it will not be able to handle all requests. Application Level Attacks are mostly executed with a certain goal, such as interrupting transactions or accessing the database. Unlike a volumetric attack, this type of attack is not so difficult to implement. The attacker usually has far fewer resources, requiring only a sufficient number of attacking machines. During an attack, the attacker tries to make the attacked server think it is a normal traffic, but focuses on the specific vulnerabilities of the target application. The most common attacks of this type include the HTTP Flood Attack and Slowloris Attack.