Distributed Denial of Service (DDoS) attacks overwhelm servers or networks by flooding them with malicious traffic. This document provides an overview of DDoS attacks including a brief history highlighting major attacks from 2002 to 2012, descriptions of different types of attacks at the network and application levels, terminology used in DDoS attacks such as nodes and command-and-control servers, examples of amplification techniques using XML entities, and recommendations for protection, incident response, and next steps to improve security.