Projects per year
Abstract
A lot of research has been devoted to understanding the technical properties of amplification DDoS attacks and the emergence of the DDoS-as-a-service economy, especially the so-called booters. Much less is known about the consequences for victimization patterns. We profile victims via data from amplification DDoS honeypots. We develop victimization rates and present explanatory models capturing key determinants of these rates. Our analysis demonstrates that the bulk of the attacks are directed at users in access networks, not at hosting, and even less at enterprise networks. We find that victimization in broadband ISPs is highly proportional to the number of ISP subscribers and that certain countries have significantly higher or lower victim rates which are only partially explained by institutional factors such as ICT development. We also find that victimization rate in hosting networks is proportional to the number of hosted domains and number of routed IP addresses and that content popularity has a minor impact on victimization rates. Finally, we reflect on the implications of these findings for the wider trend of commoditization in cybercrime.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the International Symposium on Research in Attacks, Intrusions, and Defenses, RAID 2016 |
| Subtitle of host publication | Research in Attacks, Intrusions, and Defenses |
| Publisher | Springer |
| ISBN (Electronic) | 978-3-319-45719-2 |
| ISBN (Print) | 978-3-319-45718-5 |
| DOIs | |
| Publication status | Published - 2016 |
| Event | 19th International Symposium on Research in Attacks, Intrusions and Defenses - Evry, France Duration: 19 Sept 2016 → 21 Sept 2016 http://www.raid2016.org |
Publication series
| Name | Lecture Notes in Computer Science |
|---|---|
| Publisher | Springer |
| Volume | 9854 |
| ISSN (Electronic) | 0302-9743 |
Conference
| Conference | 19th International Symposium on Research in Attacks, Intrusions and Defenses |
|---|---|
| Abbreviated title | RAID 2016 |
| Country/Territory | France |
| City | Evry |
| Period | 19/09/16 → 21/09/16 |
| Internet address |
Access to Document
Fingerprint
Dive into the research topics of 'Who Gets the Boot? Analyzing Victimization by DDoS-as-a-Service'. Together they form a unique fingerprint.Projects
- 1 Active
-
Cybersecurity (TPM)
van Eeten, M. J. G., Hernandez Ganan, C., Gürses, F. S., van Wegberg, R. S., Parkin, S. E., Zhauniarovich, Y., van Engelenburg, S. H., Kadenko, N. I., Labunets, K., Akyazi, U., Bouwman, X. B., Jansen, B. A., Kaur, M., Al Alsadi, A., Lone, Q. B., Turcios Rodriguez, E. R., Vermeer, M., van Harten, V. T. C., Vetrivel, S., Oomens, E. (. C. )., Kustosch, L. F., Bisogni, F., Ciere, M., Fiebig, T., Korczynski, M. T., Moreira Moura, G. C., Noroozian, A., Pieters, W., Tajalizadehkhoob, S., Dacier, B. H. A., San José Sanchez, J., Çetin, F. O. & Zannettou, S.
1/01/10 → …
Project: Research