Stress testing the booters: Understanding and undermining the business of DDoS services

Mohammad Karami; Youngsam Park; Damon McCoy

doi:10.1145/2872427.2883004

Stress testing the booters: Understanding and undermining the business of DDoS services

Mohammad Karami, Youngsam Park, Damon McCoy

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

DDoS-for-hire services, also known as booters, have commoditized DDoS attacks and enabled abusive subscribers of these services to cheaply extort, harass and intimidate businesses and people by taking them offline. However, due to the underground nature of these booters, little is known about their underlying technical and business structure. In this paper, we empirically measure many facets of their technical and payment infrastructure. We also perform an analysis of leaked and scraped data from three major booters| Asylum Stresser, Lizard Stresser and VDO|which provides us with an in-depth view of their customers and victims. Finally, we conduct a large-scale payment intervention in collaboration with PayPal and evaluate its effectiveness as a deterrent to their operations. Based on our analysis, we show that these booters are responsible for hundreds of thousands of DDoS attacks and identify potentially promising methods to undermine these services by increasing their costs of operation.

Original language	English (US)
Title of host publication	25th International World Wide Web Conference, WWW 2016
Publisher	International World Wide Web Conferences Steering Committee
Pages	1033-1043
Number of pages	11
ISBN (Electronic)	9781450341431
DOIs	https://doi.org/10.1145/2872427.2883004
State	Published - 2016
Event	25th International World Wide Web Conference, WWW 2016 - Montreal, Canada Duration: Apr 11 2016 → Apr 15 2016

Publication series

Name	25th International World Wide Web Conference, WWW 2016

Other

Other	25th International World Wide Web Conference, WWW 2016
Country/Territory	Canada
City	Montreal
Period	4/11/16 → 4/15/16

ASJC Scopus subject areas

Computer Networks and Communications
Software

Access to Document

10.1145/2872427.2883004

Cite this

Stress testing the booters : Understanding and undermining the business of DDoS services. / Karami, Mohammad; Park, Youngsam; McCoy, Damon.

25th International World Wide Web Conference, WWW 2016. International World Wide Web Conferences Steering Committee, 2016. p. 1033-1043 (25th International World Wide Web Conference, WWW 2016).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Karami, M, Park, Y & McCoy, D 2016, Stress testing the booters: Understanding and undermining the business of DDoS services. in 25th International World Wide Web Conference, WWW 2016. 25th International World Wide Web Conference, WWW 2016, International World Wide Web Conferences Steering Committee, pp. 1033-1043, 25th International World Wide Web Conference, WWW 2016, Montreal, Canada, 4/11/16. https://doi.org/10.1145/2872427.2883004

@inproceedings{a92ec38280fd4f5da40590fd6ca9e755,

title = "Stress testing the booters: Understanding and undermining the business of DDoS services",

abstract = "DDoS-for-hire services, also known as booters, have commoditized DDoS attacks and enabled abusive subscribers of these services to cheaply extort, harass and intimidate businesses and people by taking them offline. However, due to the underground nature of these booters, little is known about their underlying technical and business structure. In this paper, we empirically measure many facets of their technical and payment infrastructure. We also perform an analysis of leaked and scraped data from three major booters| Asylum Stresser, Lizard Stresser and VDO|which provides us with an in-depth view of their customers and victims. Finally, we conduct a large-scale payment intervention in collaboration with PayPal and evaluate its effectiveness as a deterrent to their operations. Based on our analysis, we show that these booters are responsible for hundreds of thousands of DDoS attacks and identify potentially promising methods to undermine these services by increasing their costs of operation.",

author = "Mohammad Karami and Youngsam Park and Damon McCoy",

note = "Funding Information: This work was supported by National Science Foundation grant NSF-1237076 and gifts from Google.; 25th International World Wide Web Conference, WWW 2016 ; Conference date: 11-04-2016 Through 15-04-2016",

year = "2016",

doi = "10.1145/2872427.2883004",

language = "English (US)",

series = "25th International World Wide Web Conference, WWW 2016",

publisher = "International World Wide Web Conferences Steering Committee",

pages = "1033--1043",

booktitle = "25th International World Wide Web Conference, WWW 2016",

}

TY - GEN

T1 - Stress testing the booters

T2 - 25th International World Wide Web Conference, WWW 2016

AU - Karami, Mohammad

AU - Park, Youngsam

AU - McCoy, Damon

N1 - Funding Information: This work was supported by National Science Foundation grant NSF-1237076 and gifts from Google.

PY - 2016

Y1 - 2016

N2 - DDoS-for-hire services, also known as booters, have commoditized DDoS attacks and enabled abusive subscribers of these services to cheaply extort, harass and intimidate businesses and people by taking them offline. However, due to the underground nature of these booters, little is known about their underlying technical and business structure. In this paper, we empirically measure many facets of their technical and payment infrastructure. We also perform an analysis of leaked and scraped data from three major booters| Asylum Stresser, Lizard Stresser and VDO|which provides us with an in-depth view of their customers and victims. Finally, we conduct a large-scale payment intervention in collaboration with PayPal and evaluate its effectiveness as a deterrent to their operations. Based on our analysis, we show that these booters are responsible for hundreds of thousands of DDoS attacks and identify potentially promising methods to undermine these services by increasing their costs of operation.

AB - DDoS-for-hire services, also known as booters, have commoditized DDoS attacks and enabled abusive subscribers of these services to cheaply extort, harass and intimidate businesses and people by taking them offline. However, due to the underground nature of these booters, little is known about their underlying technical and business structure. In this paper, we empirically measure many facets of their technical and payment infrastructure. We also perform an analysis of leaked and scraped data from three major booters| Asylum Stresser, Lizard Stresser and VDO|which provides us with an in-depth view of their customers and victims. Finally, we conduct a large-scale payment intervention in collaboration with PayPal and evaluate its effectiveness as a deterrent to their operations. Based on our analysis, we show that these booters are responsible for hundreds of thousands of DDoS attacks and identify potentially promising methods to undermine these services by increasing their costs of operation.

UR - http://www.scopus.com/inward/record.url?scp=85032871219&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85032871219&partnerID=8YFLogxK

U2 - 10.1145/2872427.2883004

DO - 10.1145/2872427.2883004

M3 - Conference contribution

AN - SCOPUS:85032871219

T3 - 25th International World Wide Web Conference, WWW 2016

SP - 1033

EP - 1043

BT - 25th International World Wide Web Conference, WWW 2016

PB - International World Wide Web Conferences Steering Committee

Y2 - 11 April 2016 through 15 April 2016

ER -

Stress testing the booters: Understanding and undermining the business of DDoS services

Abstract

Publication series

Other

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this