A multi-vector attack is a concept, the realistic adversary model a thorough DDoS test is built to reproduce. It is a DDoS campaign that combines several attack classes at once or in rapid succession: a volumetric UDP reflection flood to saturate the link, a protocol attack to exhaust stateful tables, and an application-layer flood to burn backend CPU. The vectors target different tiers simultaneously, so a defense tuned for one can be bypassed by another.
Why it matters in DDoS testing
Real attackers rarely send a single clean vector. They probe, pivot, and stack methods, escalating whichever one a defense fails to absorb. Testing each vector in isolation misses the interaction: a WAF busy filtering an L7 flood while conntrack saturates underneath it, or a scrubbing rule for volumetric traffic that does nothing for a slow-POST attack. A test that runs vectors concurrently measures how the defenses behave together under combined pressure.
How these attack classes layer across the stack is detailed in Understanding DDoS Attack Vectors.