DDoS attacks, or distributed denial-of-service attacks, use a botnet of computers infected with malware to target a server or system. By flooding the target with illegitimate requests or traffic, an application-layer DDoS attack can cause the target to crash or slow down, rendering it unavailable to service legitimate users and requests.
The threat of application-layer attacks
Web applications today are increasingly sophisticated, providing businesses with invaluable capabilities and increased productivity. While these apps have accelerated the move to digital first and have become essential elements of the IT stack, they’ve also opened businesses up to new security vulnerabilities.
Application-layer attacks are used by hackers to steal data, take networks off-line, disrupt business, and extort funds from companies. From distributed denial-of-service attacks and SYN flood attacks to SQL injections and cross-site scripting, these types of attacks at the application level are constantly changing and growing in sophistication. To effectively defend against these threats, organizations need protections that can dynamically adapt to evolving attacks while minimizing the administrative burden of monitoring and managing cybersecurity solutions.
Akamai app and API security solutions offer highly effective defenses against a wide range of multi-vector, application-layer attacks. With Akamai, your business gets intelligent, end-to-end protection to secure your sites, apps, APIs, and infrastructure.
Types of application-layer attacks
Many of the most dangerous threats to enterprise security today qualify as application-layer attacks.
Denial-of-service attacks
A denial-of-service (DOS) attack is designed to flood a machine or network with malicious traffic, making it unable to serve legitimate requests and rendering it inaccessible to legitimate users. In a distributed denial-of-service (DDoS) attack, attackers use a group of hijacked devices known as a botnet to carry out large-scale attacks on a targeted system. Application-layer DDoS attacks are often part of larger threats such as ransomware attacks.
Slowloris attacks
A Slowloris DDoS attack uses partial HTTP requests to open as many connections as possible between a single computer and a targeted web server, eventually overwhelming the target and causing it to slow down or to deny service to legitimate requests.
BGP hijacking
In a BGP (Border Gateway Protocol) hijacking attack, cybercriminals maliciously reroute internet traffic by falsely claiming ownership of groups of IP addresses. This allows hackers to monitor or intercept traffic, to spoof legitimate IPs for simple spamming purposes, or to direct traffic to fake websites to steal credentials.
Flood attacks
Flood attacks are a type of DOS attack where malicious actors send a high volume of traffic to a system, preventing the target from properly examining and allowing permitted network traffic. In an ICMP flood attack, hackers attempt to overwhelm a targeted device with Internet Control Message Protocol echo requests. A UDP flood is executed by overwhelming random ports on a host with IP packets containing User Datagram Protocol packets, inundating a system with traffic to render it unresponsive to legitimate traffic.
Zero-day attacks
A zero-day attack exploits a vulnerability in an application before the vendor or cybersecurity team is aware of it, providing them with “zero days” to patch or update the software and remediate the issue.
App and API security with Akamai
Akamai’s suite of app and API security solutions helps to defend against a wide range of multi-vector and application-layer attacks by providing intelligent protection from end to end. Akamai App & API Protector is built to defend entire web and API estates with a holistic set of powerful protections designed with simplicity and customer-focused automation. Powered by an adaptive security engine, App & API Protector combines industry-leading core technologies in web application firewall (WAF), API security, bot mitigation, and DDoS protection in a single solution that is easy to use.
Self-tuning adaptive security
Akamai App & API Protector detects up to 2x more attacks (with a 5x reduction in false positives) than previous detection technology. This is the result of new multidimensional, adaptive, threat-based detections that correlate threat intelligence across the Akamai platform with data and metadata from each web and API request. Advanced decision-making logic that is tailored to an organization’s normal traffic stops both common and highly targeted attacks with incredible precision. Self-tuning capabilities reduce operational friction and administrative overhead.
Advanced API capabilities
This Akamai solution automatically discovers a full range of known, unknown, and changing APIs across web traffic. API visibility helps to defend against hidden cyberattacks while finding errors and revealing unexpected changes. Akamai makes it easy to register newly discovered APIs with just a few clicks, and all API requests are automatically inspected for malware.
Bot visibility and mitigation
Monitor and mitigate application-layer DDoS attacks with integrated bot capabilities that detect and stop unwanted bots. Gain real-time visibility into your bot traffic with access to Akamai’s directory of known bots. Investigate skewed web analytics, prevent origin overload, and create bot definitions to permit access to third-party and partner bots without obstruction.
Additional defenses against application-layer attacks
In addition to App & API Protector, Akamai offers additional layers of protection against application-layer attacks. Prolexic stops DDoS attacks with the fastest, most effective defense at scale. Client-side Protection & Compliance defends sites from client-side threats by spotting and blocking malicious activity. Edge DNS delivers highly secure DNS for the nonstop availability of web apps and APIs. And Akamai’s Managed Security Service provides access to world-class experts and best-in-class technology to help improve your security strategy with the right people, processes, and solutions.
With Akamai solutions to protect apps and APIs, you can:
- Secure your sites, apps, APIs and infrastructure, guarding your most critical assets with in-browser protection, bot defenses, and protection from application-layer DDoS attacks
- Manage app and API security in one place, relying on multiple integrated solutions to mitigate application-layer attacks seamlessly while preventing workflow disruptions
- Rely on industry-leading intelligence and expertise, including 330+ data security experts who analyze 300 TB of attack data daily.
Frequently Asked Questions (FAQ)
Application-layer attacks target specific vulnerabilities in applications that allow attackers to prevent the application from performing as intended. Application-layer attacks typically try to overwhelm networks or servers by flooding them with traffic or tying up resources to the point where service to legitimate users and requests becomes too slow or is rendered unavailable.
The best way to prevent application-layer attacks is through holistic defenses that combine web application firewalls, bot mitigation, API security, and DDoS protection. The most effective solutions analyze web traffic to understand what “normal” traffic looks like, making it easier to identify anomalies and suspicious code.
Why customers choose Akamai
Akamai powers and protects life online. Leading companies worldwide choose Akamai to build, deliver, and secure their digital experiences — helping billions of people live, work, and play every day. Akamai Connected Cloud, a massively distributed edge and cloud platform, puts apps and experiences closer to users and keeps threats farther away.