Traffic Flooding

Traffic flooding is a deliberate impact technique within the Service Disruption category that aims to overwhelm network resources or applications by generating excessive traffic volumes beyond the capacity of the target system to process. Unlike traditional volumetric DDoS attacks, application security traffic flooding often targets specific application vulnerabilities, weak input handling mechanisms, or unoptimized API endpoints that consume disproportionate resources when processing requests. This can include TCP/IP-level attacks (SYN floods, UDP floods), application layer attacks (HTTP GET/POST floods, slow HTTP attacks), or API abuse (request amplification, concurrent connection exhaustion). Attackers leverage this technique to degrade service quality, create denial of service conditions, or distract security teams while executing other attack vectors. Successful traffic flooding exploits often indicate insufficient rate limiting, improper resource allocation, inadequate input validation, or missing circuit breaker patterns in the application architecture.