![Page 1: Characterizing and Mitigating The DDoS-as-a-Service Phenomenon · 2014-07-04 · Booter Type of Attack Avg Traffic Rate! [Gbps] N° Misused ! systems B1 DNS-based 0.7 4486 B2 DNS-based](https://reader033.vdocument.in/reader033/viewer/2022043012/5faaba8ae9cde15b67618bed/html5/thumbnails/1.jpg)
Characterizing and Mitigating The DDoS-as-a-Service
PhenomenonJair Santanna
Design and Analysis of Communication Systems 30/06/2014
![Page 2: Characterizing and Mitigating The DDoS-as-a-Service Phenomenon · 2014-07-04 · Booter Type of Attack Avg Traffic Rate! [Gbps] N° Misused ! systems B1 DNS-based 0.7 4486 B2 DNS-based](https://reader033.vdocument.in/reader033/viewer/2022043012/5faaba8ae9cde15b67618bed/html5/thumbnails/2.jpg)
DDoS attacks!
300Gbps
400Gbps
![Page 3: Characterizing and Mitigating The DDoS-as-a-Service Phenomenon · 2014-07-04 · Booter Type of Attack Avg Traffic Rate! [Gbps] N° Misused ! systems B1 DNS-based 0.7 4486 B2 DNS-based](https://reader033.vdocument.in/reader033/viewer/2022043012/5faaba8ae9cde15b67618bed/html5/thumbnails/3.jpg)
![Page 4: Characterizing and Mitigating The DDoS-as-a-Service Phenomenon · 2014-07-04 · Booter Type of Attack Avg Traffic Rate! [Gbps] N° Misused ! systems B1 DNS-based 0.7 4486 B2 DNS-based](https://reader033.vdocument.in/reader033/viewer/2022043012/5faaba8ae9cde15b67618bed/html5/thumbnails/4.jpg)
“Booter" | “Stresser" | “DDoSer" | "DDoS-as-a Service”|"DDoS-for-hire"
![Page 5: Characterizing and Mitigating The DDoS-as-a-Service Phenomenon · 2014-07-04 · Booter Type of Attack Avg Traffic Rate! [Gbps] N° Misused ! systems B1 DNS-based 0.7 4486 B2 DNS-based](https://reader033.vdocument.in/reader033/viewer/2022043012/5faaba8ae9cde15b67618bed/html5/thumbnails/5.jpg)
Online Tools that offer "DDoS-as-a-$ervice".
“Booter" | “Stresser" | “DDoSer" | "DDoS-as-a Service”|"DDoS-for-hire"
$5
![Page 6: Characterizing and Mitigating The DDoS-as-a-Service Phenomenon · 2014-07-04 · Booter Type of Attack Avg Traffic Rate! [Gbps] N° Misused ! systems B1 DNS-based 0.7 4486 B2 DNS-based](https://reader033.vdocument.in/reader033/viewer/2022043012/5faaba8ae9cde15b67618bed/html5/thumbnails/6.jpg)
DDoS Attack
The DDoS-as-a-Service Phenomenon
Less than 5 Dollars to attack everyone
No more opponents!!
No more ONLINE exams!!
Economic Impact!!
![Page 7: Characterizing and Mitigating The DDoS-as-a-Service Phenomenon · 2014-07-04 · Booter Type of Attack Avg Traffic Rate! [Gbps] N° Misused ! systems B1 DNS-based 0.7 4486 B2 DNS-based](https://reader033.vdocument.in/reader033/viewer/2022043012/5faaba8ae9cde15b67618bed/html5/thumbnails/7.jpg)
DDoS Attack
The DDoS-as-a-Service Phenomenon
Less than 5 Dollars to attack everyone
KEEP your boyfriend far from "Nerd stuff"
More attention to your presentation!!!
![Page 8: Characterizing and Mitigating The DDoS-as-a-Service Phenomenon · 2014-07-04 · Booter Type of Attack Avg Traffic Rate! [Gbps] N° Misused ! systems B1 DNS-based 0.7 4486 B2 DNS-based](https://reader033.vdocument.in/reader033/viewer/2022043012/5faaba8ae9cde15b67618bed/html5/thumbnails/8.jpg)
How to Characterize the DDoS-as-a-Service phenomenon?
How to Mitigate the DDoS-as-a-Service phenomenon?
Research Questions:
Booter
![Page 9: Characterizing and Mitigating The DDoS-as-a-Service Phenomenon · 2014-07-04 · Booter Type of Attack Avg Traffic Rate! [Gbps] N° Misused ! systems B1 DNS-based 0.7 4486 B2 DNS-based](https://reader033.vdocument.in/reader033/viewer/2022043012/5faaba8ae9cde15b67618bed/html5/thumbnails/9.jpg)
• How to mitigate DDoS-as-a-Service at the customer level?• How to mitigate DDoS-as-a-Service at the target level?• How to mitigate DDoS-as-a-Service at the point where the infrastructure is controlled?
Mitigate• How popular they are and which services they offer?• What are the characteristics of DDoS attacks launched by them?• How do they control infrastructures that perform attacks?
Characterize
Front-end
Customer TargetBack-end
DNS Server
NTP Server
Bot (from a botnet)
How do Booters work?
Booter
![Page 10: Characterizing and Mitigating The DDoS-as-a-Service Phenomenon · 2014-07-04 · Booter Type of Attack Avg Traffic Rate! [Gbps] N° Misused ! systems B1 DNS-based 0.7 4486 B2 DNS-based](https://reader033.vdocument.in/reader033/viewer/2022043012/5faaba8ae9cde15b67618bed/html5/thumbnails/10.jpg)
...
![Page 11: Characterizing and Mitigating The DDoS-as-a-Service Phenomenon · 2014-07-04 · Booter Type of Attack Avg Traffic Rate! [Gbps] N° Misused ! systems B1 DNS-based 0.7 4486 B2 DNS-based](https://reader033.vdocument.in/reader033/viewer/2022043012/5faaba8ae9cde15b67618bed/html5/thumbnails/11.jpg)
"One more thing…"
![Page 12: Characterizing and Mitigating The DDoS-as-a-Service Phenomenon · 2014-07-04 · Booter Type of Attack Avg Traffic Rate! [Gbps] N° Misused ! systems B1 DNS-based 0.7 4486 B2 DNS-based](https://reader033.vdocument.in/reader033/viewer/2022043012/5faaba8ae9cde15b67618bed/html5/thumbnails/12.jpg)
TWO
![Page 13: Characterizing and Mitigating The DDoS-as-a-Service Phenomenon · 2014-07-04 · Booter Type of Attack Avg Traffic Rate! [Gbps] N° Misused ! systems B1 DNS-based 0.7 4486 B2 DNS-based](https://reader033.vdocument.in/reader033/viewer/2022043012/5faaba8ae9cde15b67618bed/html5/thumbnails/13.jpg)
About Price
Repeat as much as you want!
�
���
���
���
���
���
� � � � � �� ��
�� �����
����� �������� ��� �������
��
���
���
���
���
���
� � � � � �� ��
�� �����
������ ������� �����
�
���
�
���
� ��� � ��������
� �������
Package expiration + Attack duration
"Package" || "Bundle" || "Plans"
![Page 14: Characterizing and Mitigating The DDoS-as-a-Service Phenomenon · 2014-07-04 · Booter Type of Attack Avg Traffic Rate! [Gbps] N° Misused ! systems B1 DNS-based 0.7 4486 B2 DNS-based](https://reader033.vdocument.in/reader033/viewer/2022043012/5faaba8ae9cde15b67618bed/html5/thumbnails/14.jpg)
Booter Type of Attack Avg Traffic Rate![Gbps]
N° Misused !systems
B1 DNS-based 0.7 4486B2 DNS-based 0.25 78B3 DNS-based 0.33 54B4 DNS-based 1.19 2970B5 DNS-based 0.006 8281B6 DNS-based 0.15 7379B7 DNS-based 0.32 6075
B8 CharGen-based 0.99 281B9 CharGen-based 5.48 3779
9427x
Potencial for worse attacks
![Page 15: Characterizing and Mitigating The DDoS-as-a-Service Phenomenon · 2014-07-04 · Booter Type of Attack Avg Traffic Rate! [Gbps] N° Misused ! systems B1 DNS-based 0.7 4486 B2 DNS-based](https://reader033.vdocument.in/reader033/viewer/2022043012/5faaba8ae9cde15b67618bed/html5/thumbnails/15.jpg)
The DDoS-as-a-Service Phenomenon…
Very Cheap and
Powerful*