Application Layer Denial of Service

Denial of service is when an attacker floods your website with traffic in order to disrupt the availability of your service to legitimate users. A denial of service attack may involve multiple sources of the attack (such as a botnet) rather than just one machine. In this case, it is called a Distributed Denial of Service attack (DDoS).

Denial of service can also be targeted at different layers of connectivity within the OSI model. A large percentage of DoS attacks are targeted at layer 3 & 4, the Transport and Network layer. However, Application layer (layer 7) DoS attacks are becoming increasingly common. Application-level DDoS attacks now make up around 14% of all DDoS attacks – a proportion which is steadily growing. These attacks are not volumetric attempts at overwhelming the network, but are aimed at the Application level. This means that the web site itself is targeted.

These attacks are hidden in normal web traffic, and are often very difficult to automatically distinguish from the normal use of the web site. So standard filtering methods are hard to apply. Nixer uses next generation machine learning techniques and highly scalable architecture to provide an ultra low latency and highly resilient solution for application-layer (layer 7) protection.