In some cases, it is important not only to know the basic information about a DDoS attack, but also to clearly distinguish attacks by their potential severity. Different monitoring systems use various metrics to assess criticality.
At StormWall, we classify attacks as Low, Medium, High, and Very High.
Criteria for Network-Layer (L3) Attacks
Network-layer (L3) attacks are measured in two key units: BPS and PPS.
BPS
| Attack Power | Severity Level |
| up to 1 Gbps | Low |
| from 1 to 10 Gbps | Medium |
| from 10 to 100 Gbps | High |
| over 100 Gbps | Very High |
PPS
| Attack Power | Severity Level |
| up to 1 Mpps | Low |
| from 1 to 20 Mpps | Medium |
| от 20 до 100 Mpps | High |
| over 100 Mpps | Very High |
Criteria for Application-Layer (L7) Attacks
We determine the severity of application-layer (L7) attacks based on RPS.
| Attack Power | Severity Level |
| up to 100 RPS | Low |
| from 100 to 1000 RPS | Medium |
| from 1000 to 10,000 RPS | High |
| over 10,000 RPS | Very High |
Information Integration
If you need to integrate attack severity information into your internal monitoring systems or build your own advanced analytics, you can use our API as described in the documentation. The attack severity level is returned in the response to the detailed attack information request.
Request examples:
