Abstract

Distributed Denial of Service (DDoS) attacks mean millions in revenue losses to many industries, such e-commerce and online financial services. The amount of reported DDoS attacks has increased with 47% compared to 2013. One of the reasons for this increase is the availability and ease of accessibility to websites, which provide DDoS attacks as a paid service, called Booters. Although there are hundreds of Booters available, current researches are focused on a handful sample of them - either to analyse attack traffic or hacked databases. Towards a thorough understanding and mitigation of Booters, a comprehensive list of them is needed. In this paper we characterize Booter websites and demonstrate that the found main characteristics can be used to classify Booters with 85% of accuracy. The Dutch National Research and Education Network (SURFnet) has been using a list generated by our methodology since 2013, what demonstrates high relevance to the network management community and the security specialists.
Original languageUndefined
Title of host publicationProceedings of 33rd Brazilian Symposium on Computer Networks and Distributed Systems, SBRC 2015
Place of PublicationBrazil
PublisherBrazilian Computer Society (SBC)
Pages445-458
Number of pages14
ISBN (Print)2177-496X
StatePublished - May 2015
Event33rd Brazilian Symposium on Computer Networks and Distributed Systems, SBRC 2015 - Vitoria, Brazil

Publication series

Name
PublisherBrazilian Computer Society (SBC)
ISSN (Print)2177-496X

Conference

Conference33rd Brazilian Symposium on Computer Networks and Distributed Systems, SBRC 2015
Abbreviated titleSBRC
CountryBrazil
CityVitoria
Period18/05/1522/05/15
Other(Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos)

Fingerprint

Attack
Denial
Web sites
Revenue
Data base
Accessibility
Mitigation
Methodology
Industry

Keywords

  • EWI-26162
  • METIS-312680
  • IR-96841

Cite this

Chromik, J. J., Cardoso de Santanna, J. J., Sperotto, A., & Pras, A. (2015). Booter websites characterization: Towards a list of threats. In Proceedings of 33rd Brazilian Symposium on Computer Networks and Distributed Systems, SBRC 2015 (pp. 445-458). Brazil: Brazilian Computer Society (SBC).

Chromik, Justyna Joanna; Cardoso de Santanna, José Jair; Sperotto, Anna; Pras, Aiko / Booter websites characterization: Towards a list of threats.

Proceedings of 33rd Brazilian Symposium on Computer Networks and Distributed Systems, SBRC 2015. Brazil : Brazilian Computer Society (SBC), 2015. p. 445-458.

Research output: Scientific - peer-reviewConference contribution

@inbook{693807fbf8d14464b2605b7c96e8d864,
title = "Booter websites characterization: Towards a list of threats",
abstract = "Distributed Denial of Service (DDoS) attacks mean millions in revenue losses to many industries, such e-commerce and online financial services. The amount of reported DDoS attacks has increased with 47% compared to 2013. One of the reasons for this increase is the availability and ease of accessibility to websites, which provide DDoS attacks as a paid service, called Booters. Although there are hundreds of Booters available, current researches are focused on a handful sample of them - either to analyse attack traffic or hacked databases. Towards a thorough understanding and mitigation of Booters, a comprehensive list of them is needed. In this paper we characterize Booter websites and demonstrate that the found main characteristics can be used to classify Booters with 85% of accuracy. The Dutch National Research and Education Network (SURFnet) has been using a list generated by our methodology since 2013, what demonstrates high relevance to the network management community and the security specialists.",
keywords = "EWI-26162, METIS-312680, IR-96841",
author = "Chromik, {Justyna Joanna} and {Cardoso de Santanna}, {José Jair} and Anna Sperotto and Aiko Pras",
note = "eemcs-eprint-26162",
year = "2015",
month = "5",
isbn = "2177-496X",
publisher = "Brazilian Computer Society (SBC)",
pages = "445--458",
booktitle = "Proceedings of 33rd Brazilian Symposium on Computer Networks and Distributed Systems, SBRC 2015",

}

Chromik, JJ, Cardoso de Santanna, JJ, Sperotto, A & Pras, A 2015, Booter websites characterization: Towards a list of threats. in Proceedings of 33rd Brazilian Symposium on Computer Networks and Distributed Systems, SBRC 2015. Brazilian Computer Society (SBC), Brazil, pp. 445-458, 33rd Brazilian Symposium on Computer Networks and Distributed Systems, SBRC 2015, Vitoria, Brazil, 18-22 May.

Booter websites characterization: Towards a list of threats. / Chromik, Justyna Joanna; Cardoso de Santanna, José Jair; Sperotto, Anna; Pras, Aiko.

Proceedings of 33rd Brazilian Symposium on Computer Networks and Distributed Systems, SBRC 2015. Brazil : Brazilian Computer Society (SBC), 2015. p. 445-458.

Research output: Scientific - peer-reviewConference contribution

TY - CHAP

T1 - Booter websites characterization: Towards a list of threats

AU - Chromik,Justyna Joanna

AU - Cardoso de Santanna,José Jair

AU - Sperotto,Anna

AU - Pras,Aiko

N1 - eemcs-eprint-26162

PY - 2015/5

Y1 - 2015/5

N2 - Distributed Denial of Service (DDoS) attacks mean millions in revenue losses to many industries, such e-commerce and online financial services. The amount of reported DDoS attacks has increased with 47% compared to 2013. One of the reasons for this increase is the availability and ease of accessibility to websites, which provide DDoS attacks as a paid service, called Booters. Although there are hundreds of Booters available, current researches are focused on a handful sample of them - either to analyse attack traffic or hacked databases. Towards a thorough understanding and mitigation of Booters, a comprehensive list of them is needed. In this paper we characterize Booter websites and demonstrate that the found main characteristics can be used to classify Booters with 85% of accuracy. The Dutch National Research and Education Network (SURFnet) has been using a list generated by our methodology since 2013, what demonstrates high relevance to the network management community and the security specialists.

AB - Distributed Denial of Service (DDoS) attacks mean millions in revenue losses to many industries, such e-commerce and online financial services. The amount of reported DDoS attacks has increased with 47% compared to 2013. One of the reasons for this increase is the availability and ease of accessibility to websites, which provide DDoS attacks as a paid service, called Booters. Although there are hundreds of Booters available, current researches are focused on a handful sample of them - either to analyse attack traffic or hacked databases. Towards a thorough understanding and mitigation of Booters, a comprehensive list of them is needed. In this paper we characterize Booter websites and demonstrate that the found main characteristics can be used to classify Booters with 85% of accuracy. The Dutch National Research and Education Network (SURFnet) has been using a list generated by our methodology since 2013, what demonstrates high relevance to the network management community and the security specialists.

KW - EWI-26162

KW - METIS-312680

KW - IR-96841

M3 - Conference contribution

SN - 2177-496X

SP - 445

EP - 458

BT - Proceedings of 33rd Brazilian Symposium on Computer Networks and Distributed Systems, SBRC 2015

PB - Brazilian Computer Society (SBC)

ER -

Chromik JJ, Cardoso de Santanna JJ, Sperotto A, Pras A. Booter websites characterization: Towards a list of threats. In Proceedings of 33rd Brazilian Symposium on Computer Networks and Distributed Systems, SBRC 2015. Brazil: Brazilian Computer Society (SBC). 2015. p. 445-458.