Booter websites characterization: Towards a list of threats

Justyna Joanna Chromik; José Jair Cardoso de Santanna; Anna Sperotto; Aiko Pras

Booter websites characterization: Towards a list of threats

Justyna Joanna Chromik, José Jair Cardoso de Santanna, Anna Sperotto, Aiko Pras

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

1125 Downloads (Pure)

Abstract

Distributed Denial of Service (DDoS) attacks mean millions in revenue losses to many industries, such e-commerce and online financial services. The amount of reported DDoS attacks has increased with 47% compared to 2013. One of the reasons for this increase is the availability and ease of accessibility to websites, which provide DDoS attacks as a paid service, called Booters. Although there are hundreds of Booters available, current researches are focused on a handful sample of them - either to analyse attack traffic or hacked databases. Towards a thorough understanding and mitigation of Booters, a comprehensive list of them is needed. In this paper we characterize Booter websites and demonstrate that the found main characteristics can be used to classify Booters with 85% of accuracy. The Dutch National Research and Education Network (SURFnet) has been using a list generated by our methodology since 2013, what demonstrates high relevance to the network management community and the security specialists.

Original language	Undefined
Title of host publication	Proceedings of 33rd Brazilian Symposium on Computer Networks and Distributed Systems, SBRC 2015
Place of Publication	Brazil
Publisher	Brazilian Computer Society (SBC)
Pages	445-458
Number of pages	14
ISBN (Print)	2177-496X
Publication status	Published - May 2015
Event	33rd Brazilian Symposium on Computer Networks and Distributed Systems, SBRC 2015 - Vitoria, Brazil Duration: 18 May 2015 → 22 May 2015 Conference number: 33

Publication series

Name
Publisher	Brazilian Computer Society (SBC)
ISSN (Print)	2177-496X

Conference

Conference	33rd Brazilian Symposium on Computer Networks and Distributed Systems, SBRC 2015
Abbreviated title	SBRC
Country/Territory	Brazil
City	Vitoria
Period	18/05/15 → 22/05/15
Other	(Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos)

Keywords

EWI-26162
METIS-312680
IR-96841

Access to Document

http://sbrc2015.ufes.br/wp-content/uploads/138741.1.pdf

Cite this

@inproceedings{693807fbf8d14464b2605b7c96e8d864,

title = "Booter websites characterization: Towards a list of threats",

abstract = "Distributed Denial of Service (DDoS) attacks mean millions in revenue losses to many industries, such e-commerce and online financial services. The amount of reported DDoS attacks has increased with 47% compared to 2013. One of the reasons for this increase is the availability and ease of accessibility to websites, which provide DDoS attacks as a paid service, called Booters. Although there are hundreds of Booters available, current researches are focused on a handful sample of them - either to analyse attack traffic or hacked databases. Towards a thorough understanding and mitigation of Booters, a comprehensive list of them is needed. In this paper we characterize Booter websites and demonstrate that the found main characteristics can be used to classify Booters with 85% of accuracy. The Dutch National Research and Education Network (SURFnet) has been using a list generated by our methodology since 2013, what demonstrates high relevance to the network management community and the security specialists.",

keywords = "EWI-26162, METIS-312680, IR-96841",

author = "Chromik, {Justyna Joanna} and {Cardoso de Santanna}, {Jos{\'e} Jair} and Anna Sperotto and Aiko Pras",

note = "eemcs-eprint-26162 ; 33rd Brazilian Symposium on Computer Networks and Distributed Systems, SBRC 2015 ; Conference date: 18-05-2015 Through 22-05-2015",

year = "2015",

month = may,

language = "Undefined",

isbn = "2177-496X",

publisher = "Brazilian Computer Society (SBC)",

pages = "445--458",

booktitle = "Proceedings of 33rd Brazilian Symposium on Computer Networks and Distributed Systems, SBRC 2015",

}

Chromik, JJ, Cardoso de Santanna, JJ , Sperotto, A & Pras, A 2015, Booter websites characterization: Towards a list of threats. in Proceedings of 33rd Brazilian Symposium on Computer Networks and Distributed Systems, SBRC 2015. Brazilian Computer Society (SBC), Brazil, pp. 445-458, 33rd Brazilian Symposium on Computer Networks and Distributed Systems, SBRC 2015, Vitoria, Brazil, 18/05/15. <http://sbrc2015.ufes.br/wp-content/uploads/138741.1.pdf>

Booter websites characterization: Towards a list of threats. / Chromik, Justyna Joanna; Cardoso de Santanna, José Jair ; Sperotto, Anna et al.
Proceedings of 33rd Brazilian Symposium on Computer Networks and Distributed Systems, SBRC 2015. Brazil: Brazilian Computer Society (SBC), 2015. p. 445-458.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Booter websites characterization: Towards a list of threats

AU - Chromik, Justyna Joanna

AU - Cardoso de Santanna, José Jair

AU - Sperotto, Anna

AU - Pras, Aiko

N1 - Conference code: 33

PY - 2015/5

Y1 - 2015/5

N2 - Distributed Denial of Service (DDoS) attacks mean millions in revenue losses to many industries, such e-commerce and online financial services. The amount of reported DDoS attacks has increased with 47% compared to 2013. One of the reasons for this increase is the availability and ease of accessibility to websites, which provide DDoS attacks as a paid service, called Booters. Although there are hundreds of Booters available, current researches are focused on a handful sample of them - either to analyse attack traffic or hacked databases. Towards a thorough understanding and mitigation of Booters, a comprehensive list of them is needed. In this paper we characterize Booter websites and demonstrate that the found main characteristics can be used to classify Booters with 85% of accuracy. The Dutch National Research and Education Network (SURFnet) has been using a list generated by our methodology since 2013, what demonstrates high relevance to the network management community and the security specialists.

AB - Distributed Denial of Service (DDoS) attacks mean millions in revenue losses to many industries, such e-commerce and online financial services. The amount of reported DDoS attacks has increased with 47% compared to 2013. One of the reasons for this increase is the availability and ease of accessibility to websites, which provide DDoS attacks as a paid service, called Booters. Although there are hundreds of Booters available, current researches are focused on a handful sample of them - either to analyse attack traffic or hacked databases. Towards a thorough understanding and mitigation of Booters, a comprehensive list of them is needed. In this paper we characterize Booter websites and demonstrate that the found main characteristics can be used to classify Booters with 85% of accuracy. The Dutch National Research and Education Network (SURFnet) has been using a list generated by our methodology since 2013, what demonstrates high relevance to the network management community and the security specialists.

KW - EWI-26162

KW - METIS-312680

KW - IR-96841

M3 - Conference contribution

SN - 2177-496X

SP - 445

EP - 458

BT - Proceedings of 33rd Brazilian Symposium on Computer Networks and Distributed Systems, SBRC 2015

PB - Brazilian Computer Society (SBC)

CY - Brazil

T2 - 33rd Brazilian Symposium on Computer Networks and Distributed Systems, SBRC 2015

Y2 - 18 May 2015 through 22 May 2015

ER -