Imminent attacks on critical infrastructure can disrupt operations. It also interrupts information availability. One way through cyberspace is to harness the distributed computing power and flood on targeted systems with massive information as a consequence of denial in service. This paper discusses the distributed denial of service (DDoS) attack, a potential cyberthreat in AMI communication network. A typical DDoS includes two stages: (1) agents recruitment stage and (2) actual attack stage. In this paper, various models of malware installation and flooding attack on AMI devices are introduced and potential impacts are studied. Some particular attack scenario is simulated using NS3. We also discussed the potential defense technologies.