Why would we get attacked? An analysis of attacker's aims behind DDoS attacks

Research output: Contribution to journalArticleAcademicpeer-review

33 Citations (Scopus)
218 Downloads (Pure)


Reliable availability to the internet and internet-based services is crucial in today’s world. DDoS attacks pose a severe threat to the availability of such online resources – especially owing to booters – virtually everyone can execute them nowadays. In order to appropriately protect oneself against such attacks, it is essential to have a good insight into the threats that exist. This paper proposes a novel hybrid model that combines postulates from various models on crime opportunity, analyzing the targeted victim and the targeted infrastructure in conjunction. We apply this model to analyze 27 distinct attack events that occurred in 2016. To construct this dataset, we utilize a longitudinal news database specific to DDoS-related events, aiding to select relevant attack events. We outline the procedure to replicate the dataset construction process. Looking at DDoS attacks solely as a technical issue is not enough, news articles can be an important resource in providing contextual relevance to this problem. Our analysis reveals several motives underlying DDoS attacks; economic reasons are but one of the possible aims. For this reason, we advise companies to also monitor the socio-cultural and political environment. In terms of infrastructure, visibility and accessibility are the main instigators for an attack. A holistic perspective is imperative to accurately map the threats that companies face and to take appropriate protective measures.
Original languageEnglish
Pages (from-to)3-22
Number of pages19
JournalJournal of wireless mobile networks, ubiquitous computing, and dependable applications
Issue number2
Publication statusPublished - 30 Jun 2020


  • DDoS attacks
  • Routine Activity Theory
  • Aims
  • Cyber Attacks
  • Cyber Crime
  • Cybersecurity
  • Motivation/goal setting


Dive into the research topics of 'Why would we get attacked? An analysis of attacker's aims behind DDoS attacks'. Together they form a unique fingerprint.

Cite this