Based on the information provided, the leg of the CIA triad being targeted in this distributed denial-of-service (DDoS) attack is availability.
The CIA triad refers to the three core principles of information security - confidentiality, integrity, and availability.
A DDoS attack overwhelms a target's network or server resources with fake traffic, rendering the system unable to handle legitimate requests. This directly impacts the availability of the system or service being targeted.
Confidentiality deals with limiting access to information to authorized users only. A DDoS attack does not aim to access or expose sensitive information, so confidentiality is likely not being compromised.
Integrity refers to safeguarding the accuracy and trustworthiness of data. The flood of requests does not modify or corrupt the data itself. So integrity is also not the focus of a DDoS attack.
The sole purpose of a DDoS attack is to take the target's services or resources offline and make them unavailable to users. This directly and primarily affects the availability leg of the CIA triad.
Therefore, the leg of the CIA triad being targeted in this distributed denial-of-service attack is availability.