Which flood targets a web server by overwhelming it with application-layer requests?

The main idea is an application-layer flood attack, where the target is overwhelmed by a high volume of HTTP requests that exhaust the web server’s application resources—such as worker processes, thread pools, and back-end connections. By sending many HTTP GETs or POSTs, the attacker uses legitimate-looking traffic to tie up server capacity, degrade performance, or crash services. This makes it harder to spot at the network level since the traffic can resemble normal user activity, so defenses focus on the application layer: web application firewalls, rate limiting, caching and CDNs, and targeted request filtering. In contrast, other floods operate at different layers: a SYN flood exhausts the server’s TCP connection backlog by initiating many half-open connections, an ICMP flood overwhelms bandwidth with echo requests at the network layer, and a DNS flood targets DNS servers with a flood of queries to consume resolver or authoritative server resources.