Other flood types
UDP and ICMP packets can also be used for DoS attacks, though they are less common. TCP SYN packets are so effective because the target receives them and maintains a session table entry for each until they time out. Attacks using UDP or ICMP packets do not require the same level of attention from a target, rendering them less effective. The target will usually drop the offending packets immediately, closing the session.
Use the udp_flood and icmp_flood thresholds to defend against these DoS attacks.
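The following is an added illustration, not FortiOS code and not part of the handbook, of how packet-rate thresholds such as udp_flood and icmp_flood cap a flood toward one destination while leaving other traffic alone. The per-destination, per-second counting, the threshold values, and the sample packets are assumptions constructed for this example.

```python
from collections import defaultdict, deque

# Constructed sample thresholds: packets per window per destination (assumed semantics).
THRESHOLDS = {"udp_flood": 5, "icmp_flood": 3}
PROTO_TO_ANOMALY = {"udp": "udp_flood", "icmp": "icmp_flood"}


def evaluate(packets, thresholds=THRESHOLDS, window_ms=1000):
    """Split packets into (passed, dropped).

    packets: iterable of (timestamp_ms, protocol, dst_ip), sorted by time.
    A UDP or ICMP packet is dropped when the number of same-protocol packets
    already admitted to that destination inside the window has reached the
    threshold. Other protocols are not covered by these two thresholds.
    """
    admitted = defaultdict(deque)  # (anomaly, dst_ip) -> admitted timestamps
    passed, dropped = [], []
    for pkt in packets:
        ts, proto, dst = pkt
        anomaly = PROTO_TO_ANOMALY.get(proto)
        if anomaly is None:
            passed.append(pkt)
            continue
        q = admitted[(anomaly, dst)]
        while q and ts - q[0] >= window_ms:  # expire entries older than the window
            q.popleft()
        if len(q) >= thresholds[anomaly]:
            dropped.append(pkt)
        else:
            q.append(ts)
            passed.append(pkt)
    return passed, dropped


def sample_traffic():
    """Constructed packets using documentation addresses (192.0.2.0/24)."""
    flood = [(i * 50, "udp", "192.0.2.10") for i in range(20)]        # 20 packets in under 1 s
    normal = [(100, "udp", "192.0.2.20"), (600, "udp", "192.0.2.20")]
    pings = [(200 + i * 100, "icmp", "192.0.2.10") for i in range(5)]
    other = [(300, "tcp", "192.0.2.10"), (1500, "udp", "192.0.2.10")]  # late UDP: window expired
    return sorted(flood + normal + pings + other)


if __name__ == "__main__":
    passed, dropped = evaluate(sample_traffic())
    print(f"passed={len(passed)} dropped={len(dropped)}")
```

Only packets to the flooded destination are dropped, and UDP to that destination is admitted again once the window has passed.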