State-exhaustion DDoS attacks, or resource exhaustion attacks, primarily aim to take down services or the underlying network infrastructure responsible for delivering content to end users. This might involve an attacker targeting DNS name servers with invalid name queries, increasing the load on the DNS infrastructure itself and disrupting service: users can no longer connect to the services because DNS names cannot be resolved to IP addresses. This DDoS attack vector was used in the Dyn attack in 2016, which resulted in major websites like Amazon, Twitter, GitHub and others becoming unavailable. The attacker might also target Transport Layer Security (TLS) endpoints, leaving legitimate users unable to connect to the services. As the name suggests, these DDoS attacks target stateful devices such as next-generation firewalls with the intention of filling TCP state tables with bogus connections. They are typically employed by determined attackers who monitor and adjust their attacks for maximum impact.

State Exhaustion DDoS Attack
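
From the defender's side, a TCP state table filling with bogus connections shows up as high utilization dominated by half-open entries. The following is an added example, not part of the original page: it summarises a state-table snapshot and estimates how many entries a shorter half-open timeout would reclaim. The table capacity, the thresholds and the sample entries are constructed assumptions.

```python
from collections import Counter

EMBRYONIC = {"SYN_SENT", "SYN_RECV"}  # half-open: handshake never completed

def assess_state_table(entries, capacity, max_util=0.8, max_embryonic=0.5):
    """Summarise a state-table snapshot and flag likely state exhaustion.

    entries: iterable of (src_ip, dst_port, state, idle_seconds).
    capacity, max_util and max_embryonic are hypothetical tuning values.
    """
    entries = list(entries)
    half_open = [e for e in entries if e[2] in EMBRYONIC]
    util = len(entries) / capacity
    embryonic_share = len(half_open) / len(entries) if entries else 0.0
    ports = Counter(e[1] for e in half_open)
    return {
        "utilization": util,
        "embryonic_share": embryonic_share,
        "top_target_port": ports.most_common(1)[0][0] if ports else None,
        "distinct_sources": len({e[0] for e in half_open}),
        # Alert only when the table is nearly full AND mostly half-open,
        # so a busy but healthy table of established flows does not fire.
        "alert": util >= max_util and embryonic_share >= max_embryonic,
    }

def reclaimable(entries, embryonic_timeout):
    """Count half-open entries a shorter embryonic timeout would evict."""
    return sum(1 for _, _, state, idle in entries
               if state in EMBRYONIC and idle > embryonic_timeout)

def sample_snapshot():
    """Constructed data: 6 established flows plus 90 half-open entries.

    Addresses come from the RFC 5737 documentation ranges.
    """
    legit = [(f"192.0.2.{i}", 443, "ESTABLISHED", i) for i in range(1, 7)]
    bogus = [(f"198.51.100.{i}", 443, "SYN_RECV", i % 30) for i in range(90)]
    return legit + bogus

if __name__ == "__main__":
    snap = sample_snapshot()
    print(assess_state_table(snap, capacity=100))
    print("evictable with 5 s embryonic timeout:", reclaimable(snap, 5))
```
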