Basic Concepts

DDoS Attack

Denial of Service (DoS) attacks intend to exhaust the network or system resources on the target computer, causing service interruption or suspension. Consequently, legitimate users fail to access network services. A Distributed Denial of Service (DDoS) attack involves multiple compromised computers controlled by an attacker flooding the targeted server with superfluous requests.

Black Hole

A black hole refers to a situation where access to a cloud server is blocked by Huawei Cloud because attack traffic targeting a cloud server exceeds a certain threshold.

Traffic Scrubbing

Anti-DDoS Service monitors workload traffic in real time and scrubs attack traffic through the DDoS traffic scrubbing center without affecting normal services.

Traffic Cleaning Threshold

Anti-DDoS scrubs traffic when detecting that the incoming traffic of an IP address exceeds the traffic cleaning threshold. It will discard attack traffic and permit normal service traffic.

SYN flood attack

A SYN flood attack is a typical denial of service (DoS) attack. Utilizing the loop hole in the Transmission Control Protocol (TCP), the attacker sends a huge number of forged TCP connection requests to the target to exhaust its resources (fully loaded CPU or insufficient memory). Consequently, the target fails to respond to normal connection requests.

ACK Flood

In an ACK flood attack, an attacker sends a large volume of TCP ACK packets to overwhelm a server. Similar to other types of Distributed Denial-of-Service (DDoS) attacks, ACK flood attacks utilize malicious traffic to saturate the target system, thereby slowing it down or causing it to become unresponsive. As a consequence, the targeted server becomes unavailable to serve legitimate users. Specifically, the server is forced to dedicate excessive computational resources to processing each incoming ACK packet, leading to a significant degradation in performance and ultimately rendering it incapable of providing services to legitimate users.

UDP Attack

In UDP attacks, attackers exploit the characteristics of UDP protocol interactions to launch a massive influx of malformed or spoofed UDP packets against servers via botnets. This results in the depletion of network bandwidth resources on the affected servers, significantly reducing their processing capacity and causing them to malfunction.

TCP Attack

In TCP attacks, attackers exploit the characteristics of TCP protocol interactions to launch a massive influx of malformed or spoofed TCP connections against servers via botnets. This results in the depletion of network bandwidth resources on the affected servers, significantly reducing their processing capacity and causing them to malfunction.

Transparent Access

Transparent access refers to a deployment model for the Anti-DDoS Service, where the service directly assigns an elastic IP address (EIP) to the protected resources on the cloud. This allows users to access the protected resources directly through the assigned EIP.

SDK Access

To connect to Anti-DDoS Service, you can also use the Software Development Kit (SDK). For details about the SDKs supported by Anti-DDoS, see SDK List.

Previous topic: Related Services

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel