Booters - an analysis of DDoS-as-a-Service attacks

José Jair Cardoso de Santanna, Roland M. van Rijswijk, R.J. Hofstede, Anna Sperotto, Mark Wierbosch, Lisandro Zambenedetti Granville, Aiko Pras

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    111 Citations (Scopus)
    1480 Downloads (Pure)


    In 2012, the Dutch National Research and Education Network, SURFnet, observed a multitude of Distributed Denial of Service (DDoS) attacks against educational institutions. These attacks were effective enough to cause the online exams of hundreds of students to be cancelled. Surprisingly, these attacks were purchased by students from websites, known as Booters. These sites provide DDoS attacks as a paid service (DDoS-as-a-Service) at costs starting from 1 USD. Since this problem was first identified by SURFnet, Booters have been used repeatedly to perform attacks on schools in SURFnet's constituency. Very little is known, however, about the characteristics of Booters, and particularly how their attacks are structure. This is vital information needed to mitigate these attacks. In this paper we analyse the characteristics of 14 distinct Booters based on more than 250 GB of network data from real attacks. Our findings show that Booters pose a real threat that should not be underestimated, especially since our analysis suggests that they can easily increase their firepower based on their current infrastructure.
    Original languageUndefined
    Title of host publicationProceedings of the IFIP/IEEE International Symposium on Integrated Network Management, IM 2015
    EditorsRemi Badonnel, Jin Xiao, Shingo Ata, Filip De Turck, Voicy Groza, Carlos Raniery P. dos Santos
    Place of Publication978-3-901882-76-0
    PublisherIEEE Computer Society
    Pages243 -251
    Number of pages9
    ISBN (Print)978-3-901882-76-0
    Publication statusPublished - 11 May 2015
    Event14th IFIP/IEEE International Symposium on Integrated Network Management, IM 2015: Integrated Management in the Age of Big Data - Shaw Centre, Ottawa, Canada
    Duration: 11 May 201515 May 2015
    Conference number: 14

    Publication series

    PublisherIEEE Computer Society


    Conference14th IFIP/IEEE International Symposium on Integrated Network Management, IM 2015
    Abbreviated titleIM 2015
    Internet address


    • DACS: Booters
    • METIS-312498
    • IR-96839
    • EWI-25727

    Cite this