I am writing a master thesis on security threats on the application level.
I am currently writing about identification of security threats on the application level, but I have an issue with DDoS attacks. I know I can follow network traffic to detect any unusual activity on my application. But that is not layer seven, right? I am confused by how I detect DDoS attack on my web server within layer 7, is there way to do so, and what ways to detect should I look into.
