Stress Testing the Booters: Understanding and Undermining the Business of DDoS Services
| Title | Stress Testing the Booters: Understanding and Undermining the Business of DDoS Services |
| Publication Type | Conference Paper |
| Year of Publication | 2016 |
| Authors | Karami, Mohammad, Park, Youngsam, McCoy, Damon |
| Conference Name | Proceedings of the 25th International Conference on World Wide Web |
| Publisher | International World Wide Web Conferences Steering Committee |
| Conference Location | Republic and Canton of Geneva, Switzerland |
| ISBN Number | 978-1-4503-4143-1 |
| Keywords | booter, Collaboration, composability, DDoS, deterrence, Human Behavior, Measurement, Metrics, paypal, pubcrawl, Resiliency, Scalability |
| Abstract | DDoS-for-hire services, also known as booters, have commoditized DDoS attacks and enabled abusive subscribers of these services to cheaply extort, harass and intimidate businesses and people by taking them offline. However, due to the underground nature of these booters, little is known about their underlying technical and business structure. In this paper, we empirically measure many facets of their technical and payment infrastructure. We also perform an analysis of leaked and scraped data from three major booters--Asylum Stresser, Lizard Stresser and VDO--which provides us with an in-depth view of their customers and victims. Finally, we conduct a large-scale payment intervention in collaboration with PayPal and evaluate its effectiveness as a deterrent to their operations. Based on our analysis, we show that these booters are responsible for hundreds of thousands of DDoS attacks and identify potentially promising methods to undermine these services by increasing their costs of operation. |
| URL | https://doi.org/10.1145/2872427.2883004 |
| DOI | 10.1145/2872427.2883004 |
| Citation Key | karami_stress_2016 |