Distributed denial-of-service (DDoS) attacks temporarily or indefinitely disrupt services of a host connected to a network to render an entire network or website unavailable. There are three attacks in this category considered to be the most common — volumetric attacks, application layer attacks and protocol attacks — the last of which relies on weaknesses in internet communications protocols, such as firewalls or routing engines.
According to A10 Networks, the global nature of these protocols makes fixing existing weaknesses complicated, and even when they are reengineered to fix existing flaws, new weaknesses are often introduced, which enables new types of protocol attacks to emerge.