A WS-Discovery amplification attack is a Layer 4 reflection and amplification vector, one of the volumetric classes a thorough DDoS test is built to exercise. WS-Discovery (Web Services Dynamic Discovery) runs on UDP 3702 and lets devices such as IP cameras and printers announce themselves on a network. The attacker spoofs the victim's IP in a small probe to exposed WS-Discovery hosts, each of which replies with a much larger response. The amplification factor can reach several hundred times, and hundreds of thousands of devices sit reachable on the public internet.
Why it matters in DDoS testing
WS-Discovery should never face the internet, yet misconfigured IoT fleets expose it constantly. Testing confirms that no internal device answers on UDP 3702 from outside, that ingress filtering blocks the spoofed sources, and where the saturated link first drops legitimate traffic. The reflection mechanics common to these vectors are detailed in Understanding DDoS Attack Vectors.