Volumetric attacks - Test your ability to withstand extreme and sustained attacks. Includes UDP floods and ICMP floods. The attack’s goal is to saturate the bandwidth of the attacked site, and magnitude is measured in bits per second (Bps).

Application-layer attacks - Send excessive HTTP/S GET or POST requests to test your resistance to resource exhaustion. Includes low-and-slow attacks, GET/POST floods, attacks that target Apache, Windows or OpenBSD vulnerabilities and more. Comprised of seemingly legitimate and innocent requests, these attacks aim to crash the web server, and the magnitude is measured in Requests per second (Rps) or Connections per second (Cps).

Protocol attacks - Consume actual server resources, or those of intermediate communication equipment, such as firewalls and load balancers, and are measured in packets per second (Pps).

One group of DDoS attacks is called “Volumetric Attacks,” typically a flood of UDP or ICMP traffic.

In these attacks, the attacker sends a high volume of “garbage” traffic, which has no meaning at the application or protocol level, and its only purpose is to make the Internet pipeline saturated. Since these attacks use a high bandwidth, it will not be effective if we block them on the server side, because the pipeline is congested. To effectively block this type of attack, we must have a mitigation machine on the Internet provider side, which means that the traffic must be blocked before the traffic reaches our pipeline.

The second type of DDoS is Protocol attacks, usually TCP. These attacks typically contain a high rate of packets per second, though each packet is small in size. 

The last type in our list is an Application-layer DDoS attack. In this attack, the attacker sends a high rate of requests to the target server – more than the maximal capacity.