Flood attacks:
SYN flood (TCP state exhaustion),
ICMP flood (ping flood, bandwidth),
UDP flood (stateless bandwidth),
HTTP flood (Layer 7, hardest to mitigate).
SYN cookies prevent SYN floods without state. HTTP floods require Layer 7 analysis — behavioral patterns, rate limiting, CAPTCHA. CDN/scrubbing centers absorb volumetric floods. Layer 7 attacks need fewer packets but are harder to distinguish from legitimate traffic.