Hi Darius,
Your Denial of service policy has detected an ICMP flood. The ICMP packets are ' pings' (type8, code0), so this computer (WYKEHAMFG01) has been flooding 23.21.45.133 (compute-1.amazonaws.com) with hundreds of pings. This is not normal behaviour.
You can see in the logs that the threshold configured for pings is 300, and he' s sent 439 (and repeated it 266 times).
From what I' ve seen in schools, it' s usually the students playing around with some new ' hacking tool' they' ve found and are testing it out. Have a look and see if he' s running any Denial of Service programs like LOIC/HOIC/XOIC, or has a virtual computer like Backtrack/KALI installed.
If you have a FortiAnalyzer I would run a web/application/threat report for his computer to get an idea what the student is doing.