Booters - an analysis of DDoS-as-a-Service attacks

José Jair Cardoso de Santanna, Roland M. van Rijswijk, R.J. Hofstede, Anna Sperotto, Mark Wierbosch, Lisandro Zambenedetti Granville, Aiko Pras

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    84 Citations (Scopus)
    916 Downloads (Pure)

    Abstract

    In 2012, the Dutch National Research and Education Network, SURFnet, observed a multitude of Distributed Denial of Service (DDoS) attacks against educational institutions. These attacks were effective enough to cause the online exams of hundreds of students to be cancelled. Surprisingly, these attacks were purchased by students from websites, known as Booters. These sites provide DDoS attacks as a paid service (DDoS-as-a-Service) at costs starting from 1 USD. Since this problem was first identified by SURFnet, Booters have been used repeatedly to perform attacks on schools in SURFnet's constituency. Very little is known, however, about the characteristics of Booters, and particularly how their attacks are structure. This is vital information needed to mitigate these attacks. In this paper we analyse the characteristics of 14 distinct Booters based on more than 250 GB of network data from real attacks. Our findings show that Booters pose a real threat that should not be underestimated, especially since our analysis suggests that they can easily increase their firepower based on their current infrastructure.
    Original languageUndefined
    Title of host publicationProceedings of the IFIP/IEEE International Symposium on Integrated Network Management, IM 2015
    EditorsRemi Badonnel, Jin Xiao, Shingo Ata, Filip De Turck, Voicy Groza, Carlos Raniery P. dos Santos
    Place of Publication978-3-901882-76-0
    PublisherIEEE Computer Society
    Pages243 -251
    Number of pages9
    ISBN (Print)978-3-901882-76-0
    DOIs
    Publication statusPublished - 11 May 2015
    EventIFIP/IEEE International Symposium on Integrated Network Management 2015: Integrated Management in the Age of Big Data - Ottawa, Canada
    Duration: 11 May 201515 May 2015
    http://im2015.ieee-im.org/

    Publication series

    Name
    PublisherIEEE Computer Society

    Conference

    ConferenceIFIP/IEEE International Symposium on Integrated Network Management 2015
    Abbreviated titleIM 2015
    CountryCanada
    CityOttawa
    Period11/05/1515/05/15
    Internet address

    Keywords

    • DACS: Booters
    • METIS-312498
    • IR-96839
    • EWI-25727

    Cite this

    Cardoso de Santanna, J. J., van Rijswijk, R. M., Hofstede, R. J., Sperotto, A., Wierbosch, M., Zambenedetti Granville, L., & Pras, A. (2015). Booters - an analysis of DDoS-as-a-Service attacks. In R. Badonnel, J. Xiao, S. Ata, F. De Turck, V. Groza, & C. R. P. dos Santos (Eds.), Proceedings of the IFIP/IEEE International Symposium on Integrated Network Management, IM 2015 (pp. 243 -251). 978-3-901882-76-0: IEEE Computer Society. https://doi.org/10.1109/INM.2015.7140298