Stress testing the booters: Understanding and undermining the business of DDoS services

Mohammad Karami, Youngsam Park, Damon McCoy

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    DDoS-for-hire services, also known as booters, have commoditized DDoS attacks and enabled abusive subscribers of these services to cheaply extort, harass and intimidate businesses and people by taking them offline. However, due to the underground nature of these booters, little is known about their underlying technical and business structure. In this paper, we empirically measure many facets of their technical and payment infrastructure. We also perform an analysis of leaked and scraped data from three major booters| Asylum Stresser, Lizard Stresser and VDO|which provides us with an in-depth view of their customers and victims. Finally, we conduct a large-scale payment intervention in collaboration with PayPal and evaluate its effectiveness as a deterrent to their operations. Based on our analysis, we show that these booters are responsible for hundreds of thousands of DDoS attacks and identify potentially promising methods to undermine these services by increasing their costs of operation.

    Original languageEnglish (US)
    Title of host publication25th International World Wide Web Conference, WWW 2016
    PublisherInternational World Wide Web Conferences Steering Committee
    Pages1033-1043
    Number of pages11
    ISBN (Electronic)9781450341431
    DOIs
    StatePublished - 2016
    Event25th International World Wide Web Conference, WWW 2016 - Montreal, Canada
    Duration: Apr 11 2016Apr 15 2016

    Publication series

    Name25th International World Wide Web Conference, WWW 2016

    Other

    Other25th International World Wide Web Conference, WWW 2016
    Country/TerritoryCanada
    CityMontreal
    Period4/11/164/15/16

    ASJC Scopus subject areas

    • Computer Networks and Communications
    • Software

    Fingerprint

    Dive into the research topics of 'Stress testing the booters: Understanding and undermining the business of DDoS services'. Together they form a unique fingerprint.

    Cite this