{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T17:12:04Z","timestamp":1772039524204,"version":"3.50.1"},"publisher-location":"Cham","reference-count":34,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030926342","type":"print"},{"value":"9783030926359","type":"electronic"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-92635-9_26","type":"book-chapter","created":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T13:02:45Z","timestamp":1641042165000},"page":"439-459","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Yet Another Traffic Black Hole: Amplifying CDN Fetching Traffic with RangeFragAmp Attacks"],"prefix":"10.1007","author":[{"given":"Chi","family":"Xu","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Juanru","family":"Li","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Junrong","family":"Liu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2022,1,1]]},"reference":[{"key":"26_CR1","unstructured":"OpenCDN: The idea of traffic amplification attacks (2013). http:\/\/drops.wooyun.org\/papers\/679"},{"key":"26_CR2","doi-asserted-by":"crossref","unstructured":"Chen, J., et al.: Forwarding-loop attacks in content delivery networks. In: NDSS (2016)","DOI":"10.14722\/ndss.2016.23442"},{"key":"26_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"371","DOI":"10.1007\/978-3-642-04444-1_23","volume-title":"Computer Security \u2013 ESORICS 2009","author":"S Triukose","year":"2009","unstructured":"Triukose, S., Al-Qudah, Z., Rabinovich, M.: Content delivery networks: protection or threat? In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 371\u2013389. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-04444-1_23"},{"key":"26_CR4","doi-asserted-by":"crossref","unstructured":"Li, W., et al.: CDN backfired: amplification attacks based on HTTP range requests. In: 2020 50th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 14\u201325. IEEE (2020)","DOI":"10.1109\/DSN48063.2020.00022"},{"key":"26_CR5","unstructured":"Radware: Amplification Attack. https:\/\/www.radware.com\/security\/ddos-knowledge-center\/ddospedia\/amplification-attack"},{"key":"26_CR6","unstructured":"CloudFront: What is a DNS amplification attack? (2020). https:\/\/www.cloudflare.com\/learning\/ddos\/dns-amplification-ddos-attack\/"},{"key":"26_CR7","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-319-19210-9_1","volume-title":"Future Network Systems and Security","author":"TG Booth","year":"2015","unstructured":"Booth, T.G., Andersson, K.: Elimination of DoS UDP reflection amplification bandwidth attacks, protecting TCP services. In: Doss, R., Piramuthu, S., Zhou, W. (eds.) FNSS 2015. CCIS, vol. 523, pp. 1\u201315. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-19210-9_1"},{"key":"26_CR8","doi-asserted-by":"crossref","unstructured":"Fielding, R., Lafon, Y., Reschke, J.: Hypertext transfer protocol (HTTP\/1.1): range requests. IETF RFC7233, June 2014","DOI":"10.17487\/rfc7233"},{"key":"26_CR9","unstructured":"Alibaba Cloud: Alibaba Cloud Content Delivery Network. https:\/\/www.alibabacloud.com\/product\/cdn"},{"key":"26_CR10","unstructured":"Tencent Cloud: Tencent Cloud Content Delivery Network. https:\/\/intl.cloud.tencent.com\/product\/cdn"},{"key":"26_CR11","unstructured":"Baidu AI Cloud: Baidu AI Cloud Content Delivery Network. https:\/\/intl.cloud.baidu.com\/product\/cdn.html"},{"key":"26_CR12","unstructured":"Huawei Cloud: Huawei Cloud Content Delivery Network. https:\/\/www.huaweicloud.com\/en-us\/product\/cdn.html"},{"key":"26_CR13","unstructured":"Amazon Web Services: Amazon CloudFront Content Delivery Network. https:\/\/aws.amazon.com\/cloudfront\/. Accessed 10 Feb 2021"},{"key":"26_CR14","series-title":"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1007\/978-3-030-00916-8_7","volume-title":"Collaborative Computing: Networking, Applications and Worksharing","author":"X Liu","year":"2018","unstructured":"Liu, X., Yang, P., Dong, Y., Ahmed, S.H.: A comparative analysis of content delivery capability for collaborative dual-architecture network. In: Romdhani, I., Shu, L., Takahiro, H., Zhou, Z., Gordon, T., Zeng, D. (eds.) CollaborateCom 2017. LNICST, vol. 252, pp. 63\u201372. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-00916-8_7"},{"key":"26_CR15","unstructured":"Tencent: Tencent cloud security white paper. Technical report, Tencent Cloud Security Team & Tencent Research Institute Security Research Center, June 2019"},{"key":"26_CR16","doi-asserted-by":"publisher","first-page":"210988","DOI":"10.1109\/ACCESS.2020.3037164","volume":"8","author":"Y Wen","year":"2020","unstructured":"Wen, Y., Chen, Y., Shao, M.-L., Guo, J.-L., Liu, J.: An efficient content distribution network architecture using heterogeneous channels. IEEE Access 8, 210988\u2013211006 (2020)","journal-title":"IEEE Access"},{"key":"26_CR17","doi-asserted-by":"crossref","unstructured":"Falchuk, B., \u017bernicki, T., Koziuk, M.: Towards streamed services for co-located collaborative groups. In: 8th International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), pp. 306\u2013315. IEEE (2012)","DOI":"10.4108\/icst.collaboratecom.2012.250426"},{"key":"26_CR18","doi-asserted-by":"crossref","unstructured":"Biazzini, M., Serrano-Alvarado, P., Carvajal-Gomez, R.: Towards improving user satisfaction in decentralized P2P networks. In: 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, pp. 315\u2013324. IEEE (2013)","DOI":"10.4108\/icst.collaboratecom.2013.254102"},{"key":"26_CR19","unstructured":"Tencent Cloud: Enterprise Content Delivery Network User Guide Product Documentation. Tencent, April 2020"},{"key":"26_CR20","unstructured":"GlobalDots: How to Evaluate and Implement a Multi-CDN Strategy. https:\/\/www.globaldots.com\/content-delivery-network-explained"},{"key":"26_CR21","unstructured":"Park, K., Pai, V.S.: Deploying large file transfer on an HTTP content distribution network. In: WORLDS (2004)"},{"issue":"4","key":"26_CR22","doi-asserted-by":"publisher","first-page":"688","DOI":"10.1109\/LCOMM.2017.2766636","volume":"22","author":"K Hong","year":"2018","unstructured":"Hong, K., Kim, Y., Choi, H., Park, J.: SDN-assisted slow HTTP DDoS attack defense method. IEEE Commun. Lett. 22(4), 688\u2013691 (2018)","journal-title":"IEEE Commun. Lett."},{"key":"26_CR23","doi-asserted-by":"crossref","unstructured":"Deshpande, T., Katsaros, P., Basagiannis, S., Smolka, S.A.: Formal analysis of the DNS bandwidth amplification attack and its countermeasures using probabilistic model checking. In: 2011 IEEE 13th International Symposium on High-Assurance Systems Engineering, pp. 360\u2013367. IEEE (2011)","DOI":"10.1109\/HASE.2011.57"},{"key":"26_CR24","doi-asserted-by":"publisher","first-page":"475","DOI":"10.1016\/j.cose.2013.10.001","volume":"39","author":"M Anagnostopoulos","year":"2013","unstructured":"Anagnostopoulos, M., Kambourakis, G., Kopanos, P., Louloudakis, G., Gritzalis, S.: DNS amplification attack revisited. Comput. Secur. 39, 475\u2013485 (2013)","journal-title":"Comput. Secur."},{"key":"26_CR25","doi-asserted-by":"crossref","unstructured":"Kashaf, A., Sekar, V., Agarwal, Y.: Analyzing third party service dependencies in modern web services: have we learned from the Mirai-Dyn incident? In: Proceedings of the ACM Internet Measurement Conference, pp. 634\u2013647 (2020)","DOI":"10.1145\/3419394.3423664"},{"key":"26_CR26","unstructured":"chinaz.com: CDN cloud real-time observation (2021). https:\/\/cdn.chinaz.com\/. Accessed 15 Apr 2021"},{"key":"26_CR27","unstructured":"Alibaba Cloud: Configure range origin fetch (2021). https:\/\/help.aliyun.com\/document_detail\/27129.html. Accessed 30 Jan 2021"},{"issue":"4","key":"26_CR28","doi-asserted-by":"publisher","first-page":"289","DOI":"10.1145\/1282427.1282413","volume":"37","author":"B Parno","year":"2007","unstructured":"Parno, B., Wendlandt, D., Shi, E., Perrig, A., Maggs, B., Yih-Chun, H.: Portcullis: protecting connection setup from denial-of-capability attacks. ACM SIGCOMM Comput. Commun. Rev. 37(4), 289\u2013300 (2007)","journal-title":"ACM SIGCOMM Comput. Commun. Rev."},{"key":"26_CR29","doi-asserted-by":"crossref","unstructured":"Belshe, M., Peon, R., Thomson, M.: Hypertext transfer protocol version 2 (HTTP\/2) (2015)","DOI":"10.17487\/RFC7540"},{"issue":"1","key":"26_CR30","doi-asserted-by":"publisher","first-page":"142","DOI":"10.1109\/MNET.2018.1800020","volume":"33","author":"M Luglio","year":"2019","unstructured":"Luglio, M., Romano, S.P., Roseti, C., Zampognaro, F.: Service delivery models for converged satellite-terrestrial 5G network deployment: a satellite-assisted CDN use-case. IEEE Netw. 33(1), 142\u2013150 (2019)","journal-title":"IEEE Netw."},{"key":"26_CR31","unstructured":"Data Economy: Data economy frontline. Edge computing as the most misunderstood weapon of the IoT world (2019). https:\/\/www.clearblade.com\/press\/data-economy-frontline-edge-computing-as-the-most-misunderstood-weapon-of-the-iot-world\/"},{"key":"26_CR32","doi-asserted-by":"crossref","unstructured":"Ife, C.C., Shen, Y., Stringhini, G., Murdoch, S.J.: Marked for disruption: tracing the evolution of malware delivery operations targeted for takedown. arXiv preprint arXiv:2104.01631 (2021)","DOI":"10.1145\/3471621.3471844"},{"key":"26_CR33","doi-asserted-by":"publisher","first-page":"67","DOI":"10.1016\/j.cose.2015.09.006","volume":"57","author":"B Sieklik","year":"2016","unstructured":"Sieklik, B., Macfarlane, R., Buchanan, W.J.: Evaluation of TFTP DDoS amplification attack. Comput. Secur. 57, 67\u201392 (2016)","journal-title":"Comput. Secur."},{"key":"26_CR34","doi-asserted-by":"crossref","unstructured":"Guo, R., et al.: Abusing CDNs for fun and profit: security issues in CDNs\u2019 origin validation. In: 2018 IEEE 37th Symposium on Reliable Distributed Systems (SRDS), pp. 1\u201310. IEEE (2018)","DOI":"10.1109\/SRDS.2018.00011"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Collaborative Computing: Networking, Applications and Worksharing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-92635-9_26","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T13:06:28Z","timestamp":1641042388000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-92635-9_26"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030926342","9783030926359"],"references-count":34,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-92635-9_26","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"value":"1867-8211","type":"print"},{"value":"1867-822X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"1 January 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CollaborateCom","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Collaborative Computing: Networking, Applications and Worksharing","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 October 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17 October 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"colcom2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/collaboratecom.eai-conferences.org\/2021\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Confy +","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"206","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"62","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"7","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"30% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}