Understanding DDoS Attacks on AWS

A Distributed Denial of Service (DDoS) attack floods a target with traffic from many sources at once, aiming to exhaust its capacity so legitimate users cannot connect. Because the traffic comes from thousands of distributed hosts, you cannot simply block one IP; you must absorb or filter the flood.

Volumetric attacks aim to saturate network bandwidth with sheer volume, measured in gigabits or terabits per second. Examples include UDP floods and reflection or amplification attacks that bounce traffic off open servers (DNS, NTP) to multiply their size. These operate at Layer 3.