DDoS attacks are mainly divided into Layer 3 & 4 and Layer 7 attacks. Traditional DDoS attacks are usually Layer 3 & 4, aiming to use up bandwidth or the connection limits of your network resources. Most anti-DDoS solutions are effective in mitigating such attacks.
Layer 7 attacks operate at the application protocol level (e.g., HTTP, FTP, SMTP), and are designed to hit server and system resources. Layer 7 attacks are usually more effective and consume less resources to break the limits of victim services. Attacks may appear like legitimate requests and are difficult to differentiate (e.g., HTTP GET/POST DDoS attack).