DDoS Glossary

UDP Flood

Family Network Attacks
Attack Vector UDP Flood
Variants Reflective Amplified FloodsDNS Garbage FloodUDP Port 80 Garbage Flood
DRS ID 22003
Supports spoofing Yes
Capture file example  


A UDP Flood is a network DDoS attack involving the sending of numerous UDP packets toward the victim. This attack can arrive from a spoofed source IP address; it does not require opening a connection, which is the reason why an attack can generate massive amounts of traffic with few resources.

UPD will, foremost, cause internet pipe saturation. It can also impact firewall and other stateful devices.

UDP flood is actually a family of many attack vectors, including virtually all the reflective amplification floods, the DNS garbage flood, the port UDP port 80 garbage flood and more.



The UDP flood’s main objective is to impact the internet pipe. Attackers today can easily generate floods at rates of 1Gbps, 10Gbps, 50Gbps and more. Most organizations have lines less than 1Gbps.

If the line is not impacted, the firewall or other stateful devices can be overwhelmed by the attack since they must allocate resources to each of the packet’s.


Technology Description
State/Anomaly protection
Rate limit

*UDP floods are typically mitigated