{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,2]],"date-time":"2026-07-02T13:42:18Z","timestamp":1782999738406,"version":"3.54.5"},"publisher-location":"Cham","reference-count":29,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030725815","type":"print"},{"value":"9783030725822","type":"electronic"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-72582-2_16","type":"book-chapter","created":{"date-parts":[[2021,3,29]],"date-time":"2021-03-29T12:02:43Z","timestamp":1617019363000},"page":"269-283","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":16,"title":["New Kids on the DRDoS Block: Characterizing Multiprotocol and Carpet Bombing Attacks"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-8017-1293","authenticated-orcid":false,"given":"Tiago","family":"Heinrich","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4014-6691","authenticated-orcid":false,"given":"Rafael R.","family":"Obelheiro","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2592-3664","authenticated-orcid":false,"given":"Carlos A.","family":"Maziero","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2021,3,30]]},"reference":[{"key":"16_CR1","doi-asserted-by":"publisher","first-page":"475","DOI":"10.1016\/j.cose.2013.10.001","volume":"39","author":"M Anagnostopoulos","year":"2013","unstructured":"Anagnostopoulos, M., Kambourakis, G., Kopanos, P., Louloudakis, G., Gritzalis, S.: DNS amplification attack revisited. Comput. Secur. 39, 475\u2013485 (2013)","journal-title":"Comput. Secur."},{"key":"16_CR2","unstructured":"Arteaga, J., Mejia, W.: CLDAP reflection DDoS, April 2017. https:\/\/bit.ly\/3kqyIku"},{"key":"16_CR3","unstructured":"Cimpanu, C.: The CoAP protocol is the next big thing for DDoS attacks. ZDNet, December 2018. https:\/\/zd.net\/333hymy"},{"key":"16_CR4","unstructured":"Cymru, T.: DNS research at Team Cymru (2020). http:\/\/dnsresearch.cymru.com\/"},{"key":"16_CR5","doi-asserted-by":"crossref","unstructured":"Czyz, J., Kallitsis, M., Gharaibeh, M., Papadopoulos, C., Bailey, M., Karir, M.: Taming the 800 pound gorilla: the rise and decline of NTP DDoS attacks. In: Internet Measurement Conference, pp. 435\u2013448. ACM (2014)","DOI":"10.1145\/2663716.2663717"},{"key":"16_CR6","unstructured":"DDoSMon: Insight into global DDoS threat landscape, April 2019. https:\/\/ddosmon.net\/insight\/"},{"key":"16_CR7","doi-asserted-by":"publisher","first-page":"59","DOI":"10.1016\/j.comcom.2015.01.016","volume":"62","author":"C Fachkha","year":"2015","unstructured":"Fachkha, C., Bou-Harb, E., Debbabi, M.: Inferring distributed reflection denial of service attacks from darknet. Comput. Commun. 62, 59\u201371 (2015)","journal-title":"Comput. Commun."},{"key":"16_CR8","doi-asserted-by":"crossref","unstructured":"Jonker, M., King, A., Krupp, J., Rossow, C., Sperotto, A., Dainotti, A.: Millions of targets under attack: a macroscopic characterization of the DoS ecosystem. In: Internet Measurement Conference, pp. 100\u2013113. ACM, New York (2017)","DOI":"10.1145\/3131365.3131383"},{"key":"16_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"615","DOI":"10.1007\/978-3-319-26362-5_28","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"L Kr\u00e4mer","year":"2015","unstructured":"Kr\u00e4mer, L., et al.: AmpPot: monitoring and defending against amplification DDoS attacks. In: Bos, H., Monrose, F., Blanc, G. (eds.) RAID 2015. LNCS, vol. 9404, pp. 615\u2013636. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-26362-5_28"},{"key":"16_CR10","unstructured":"K\u00fchrer, M., Hupperich, T., Rossow, C., Holz, T.: Exit from hell? Reducing the impact of amplification DDoS attacks. In: USENIX Security Symposium (2014)"},{"key":"16_CR11","unstructured":"Majkowski, M.: Stupidly simple DDoS protocol (SSDP) generates 100 Gbps DDoS, June 2017. https:\/\/bit.ly\/35lq2W0"},{"key":"16_CR12","unstructured":"Majkowski, M.: Memcrashed - major amplification attacks from UDP port 11211, February 2018. https:\/\/bit.ly\/2HvD4Ix"},{"issue":"10","key":"16_CR13","doi-asserted-by":"publisher","first-page":"13","DOI":"10.1016\/S1353-4858(15)30092-1","volume":"2015","author":"S Mansfield-Devine","year":"2015","unstructured":"Mansfield-Devine, S.: The growth and evolution of DDoS. Netw. Secur. 2015(10), 13\u201320 (2015)","journal-title":"Netw. Secur."},{"key":"16_CR14","unstructured":"MaxMind: GeoLite2 database, October 2020. https:\/\/www.maxmind.com\/"},{"key":"16_CR15","unstructured":"McAuley, C.: Following the crumbs: deconstructing the CLDAP DDoS reflection attack, November 2016. https:\/\/bit.ly\/3mgR08h"},{"key":"16_CR16","unstructured":"Mertens, X.: Port scanners: the good and the bad, September 2015. https:\/\/bit.ly\/3lQmFNF"},{"issue":"7","key":"16_CR17","doi-asserted-by":"publisher","first-page":"7","DOI":"10.1016\/S1353-4858(08)70086-2","volume":"2008","author":"J Nazario","year":"2008","unstructured":"Nazario, J.: DDoS attack evolution. Netw. Secur. 2008(7), 7\u201310 (2008)","journal-title":"Netw. Secur."},{"key":"16_CR18","unstructured":"NETSCOUT: CoAP attacks in the wild, January 2019. aSERT blog. https:\/\/bit.ly\/2HqNxou"},{"key":"16_CR19","unstructured":"NETSCOUT: Dawn of the terrorbit era. Threat intelligence report 2H 2018 (2019). https:\/\/www.netscout.com\/"},{"key":"16_CR20","unstructured":"NETSCOUT: Netscout threat intelligence report for the first half of 2020 (2020). https:\/\/bit.ly\/3mh3Tzb"},{"key":"16_CR21","unstructured":"NETSCOUT, Arbor: Insight into the global threat landscape, October 2017. Netscout Arbor\u2019s 13th Annual Worldwide Infrastructure Security Report"},{"key":"16_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"368","DOI":"10.1007\/978-3-319-45719-2_17","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"A Noroozian","year":"2016","unstructured":"Noroozian, A., Korczy\u0144ski, M., Ga\u00f1an, C.H., Makita, D., Yoshioka, K., van Eeten, M.: Who gets the boot? Analyzing victimization by DDoS-as-a-service. In: Monrose, F., Dacier, M., Blanc, G., Garcia-Alfaro, J. (eds.) RAID 2016. LNCS, vol. 9854, pp. 368\u2013389. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-45719-2_17"},{"key":"16_CR23","unstructured":"OpenNTP: OpenNTPProject.org - NTP Scanning Project (2020). http:\/\/openntpproject.org\/"},{"issue":"3","key":"16_CR24","doi-asserted-by":"publisher","first-page":"38","DOI":"10.1145\/505659.505664","volume":"31","author":"V Paxson","year":"2001","unstructured":"Paxson, V.: An analysis of using reflectors for distributed denial-of-service attacks. ACM SIGCOMM Comput. Commun. Rev. 31(3), 38\u201347 (2001)","journal-title":"ACM SIGCOMM Comput. Commun. Rev."},{"key":"16_CR25","doi-asserted-by":"crossref","unstructured":"van Rijswijk-Deij, R., Sperotto, A., Pras, A.: DNSSEC and its potential for DDoS attacks: a comprehensive measurement study. In: Proceedings of the 2014 Conference on Internet Measurement Conference, pp. 449\u2013460. ACM (2014)","DOI":"10.1145\/2663716.2663731"},{"key":"16_CR26","doi-asserted-by":"crossref","unstructured":"Rossow, C.: Amplification hell: revisiting network protocols for DDoS abuse. In: Network and Distributed System Security Symposium (NDSS) (2014)","DOI":"10.14722\/ndss.2014.23233"},{"key":"16_CR27","doi-asserted-by":"crossref","unstructured":"Rudman, L., Irwin, B.: Characterization and analysis of NTP amplification-based DDoS attacks. In: Information Security for South Africa (ISSA). IEEE (2015)","DOI":"10.1109\/ISSA.2015.7335069"},{"key":"16_CR28","unstructured":"TCPDUMP: TCPDUMP\/LIBPCAP public repository (2020). https:\/\/www.tcpdump.org\/"},{"key":"16_CR29","doi-asserted-by":"crossref","unstructured":"Thomas, D.R., Clayton, R., Beresford, A.R.: 1000 days of UDP amplification DDoS attacks. In: APWG Symposium on Electronic Crime Research (eCrime), pp. 79\u201384. IEEE (2017)","DOI":"10.1109\/ECRIME.2017.7945057"}],"container-title":["Lecture Notes in Computer Science","Passive and Active Measurement"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-72582-2_16","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,5,4]],"date-time":"2021-05-04T19:42:20Z","timestamp":1620157340000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-72582-2_16"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030725815","9783030725822"],"references-count":29,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-72582-2_16","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"30 March 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"PAM","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Passive and Active Network Measurement","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Cottbus","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Germany","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 March 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"31 March 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"pam2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.pam2021.b-tu.de\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"HotCrp","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"75","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"33","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"44% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4.9","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}