{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T23:15:06Z","timestamp":1763507706087},"publisher-location":"Cham","reference-count":30,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319663319"},{"type":"electronic","value":"9783319663326"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-66332-6_19","type":"book-chapter","created":{"date-parts":[[2017,10,11]],"date-time":"2017-10-11T07:58:05Z","timestamp":1507708685000},"page":"427-449","source":"Crossref","is-referenced-by-count":14,"title":["Linking Amplification DDoS Attacks to Booter Services"],"prefix":"10.1007","author":[{"given":"Johannes","family":"Krupp","sequence":"first","affiliation":[]},{"given":"Mohammad","family":"Karami","sequence":"additional","affiliation":[]},{"given":"Christian","family":"Rossow","sequence":"additional","affiliation":[]},{"given":"Damon","family":"McCoy","sequence":"additional","affiliation":[]},{"given":"Michael","family":"Backes","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,10,12]]},"reference":[{"key":"19_CR1","unstructured":"The Spoofer Project. http:\/\/spoofer.cmand.org"},{"key":"19_CR2","doi-asserted-by":"crossref","unstructured":"Backes, M., Holz, T., Rossow, C., Rytilahti, T., Simeonovski, M., Stock, B.: On the feasibility of TTL-based filtering for DRDoS mitigation. In: Proceedings of the 19th International Symposium on Research in Attacks, Intrusions and Defenses (2016)","DOI":"10.1007\/978-3-319-45719-2_14"},{"key":"19_CR3","unstructured":"Bethencourt, J., Franklin, J., Vernon, M.: Mapping internet sensors with probe response attacks. In: Proceedings of the 14th Conference on USENIX Security Symposium (2005)"},{"key":"19_CR4","doi-asserted-by":"crossref","unstructured":"Czyz, J., Kallitsis, M., Gharaibeh, M., Papadopoulos, C., Bailey, M., Karir, M.: Taming the 800 pound gorilla: the rise and decline of NTP DDoS attacks. In: Proceedings of the Internet Measurement Conference 2014. ACM (2014)","DOI":"10.1145\/2663716.2663717"},{"key":"19_CR5","doi-asserted-by":"crossref","unstructured":"Gilad, Y., Goberman, M., Herzberg, A., Sudkovitch, M.: CDN-on-Demand: an affordable DDoS defense via untrusted clouds. In: Proceedings of NDSS 2016 (2016)","DOI":"10.14722\/ndss.2016.23109"},{"key":"19_CR6","unstructured":"Karami, M., McCoy, D.: Understanding the emerging threat of DDoS-as-a-service. In: LEET (2013)"},{"key":"19_CR7","doi-asserted-by":"crossref","unstructured":"Karami, M., Park, Y., McCoy, D.: Stress testing the booters: understanding and undermining the business of DDoS services. In: World Wide Web Conference (WWW). ACM (2016)","DOI":"10.1145\/2872427.2883004"},{"key":"19_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"615","DOI":"10.1007\/978-3-319-26362-5_28","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"L Kr\u00e4mer","year":"2015","unstructured":"Kr\u00e4mer, L., Krupp, J., Makita, D., Nishizoe, T., Koide, T., Yoshioka, K., Rossow, C.: AmpPot: monitoring and defending against amplification DDoS attacks. In: Bos, H., Monrose, F., Blanc, G. (eds.) RAID 2015. LNCS, vol. 9404, pp. 615\u2013636. Springer, Cham (2015). doi: 10.1007\/978-3-319-26362-5_28"},{"key":"19_CR9","unstructured":"Kreibich, C., Warfield, A., Crowcroft, J., Hand, S., Pratt, I.: Using packet symmetry to curtail malicious traffic. In: Proceedings of the 4th Workshop on Hot Topics in Networks (Hotnets-VI) (2005)"},{"key":"19_CR10","doi-asserted-by":"crossref","unstructured":"Krupp, J., Backes, M., Rossow, C.: Identifying the scan and attack infrastructures behind amplification DDoS attacks. In: Proceedings of the 23rd ACM Conference on Computer and Communications Security (CCS) (2016)","DOI":"10.1145\/2976749.2978293"},{"key":"19_CR11","unstructured":"K\u00fchrer, M., Hupperich, T., Rossow, C., Holz, T.: Exit from hell? reducing the impact of amplification DDoS attacks. In: Proceedings of the 23rd USENIX Security Symposium (2014)"},{"key":"19_CR12","unstructured":"K\u00fchrer, M., Hupperich, T., Rossow, C., Holz, T.: Hell of a handshake: abusing TCP for reflective amplification DDoS attacks. In: Proceedings of the 8th USENIX Workshop on Offensive Technologies (WOOT 2014) (2014)"},{"key":"19_CR13","unstructured":"A. Networks. Worldwide Infrastructure Security Report (2015). https:\/\/www.arbornetworks.com\/images\/documents\/WISR2016_EN_Web.pdf"},{"key":"19_CR14","unstructured":"Ferguson, P., Senie, D.: BCP 38 on Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing (2000). http:\/\/tools.ietf.org\/html\/bcp.38"},{"key":"19_CR15","doi-asserted-by":"crossref","unstructured":"Paxson, V.: An analysis of using reflectors for distributed denial-of-service attacks. Comput. Commun. Rev. (2001)","DOI":"10.1145\/505659.505664"},{"key":"19_CR16","unstructured":"Perrig, A., Song, D., Yaar, A.: StackPi: A New Defense Mechanism against IP Spoofing and DDoS Attacks. Technical report (2003)"},{"key":"19_CR17","unstructured":"Prince, M.: The DDoS That Almost Broke the Internet (2013). https:\/\/blog.cloudflare.com\/the-ddos-that-almost-broke-the-internet\/"},{"key":"19_CR18","doi-asserted-by":"crossref","unstructured":"Rossow, C.: Amplification hell: revisiting network protocols for DDoS abuse. In: Proceedings of NDSS 2014 (2014)","DOI":"10.14722\/ndss.2014.23233"},{"key":"19_CR19","doi-asserted-by":"crossref","unstructured":"Santanna, J., Durban, R., Sperotto, A., Pras, A.: Inside booters: an analysis on operational databases. In: 14th IFIP\/IEEE International Symposium on Integrated Network Management (IM) (2015)","DOI":"10.1109\/INM.2015.7140320"},{"key":"19_CR20","doi-asserted-by":"crossref","unstructured":"Santanna, J.J., van Rijswijk-Deij, R., Hofstede, R., Sperotto, A., Wierbosch, M., Granville, L.Z., Pras, A.: Booters - an analysis of DDoS-As-a-Service attacks. In: 14th IFIP\/IEEE International Symposium on Integrated Network Management (IM) (2015)","DOI":"10.1109\/INM.2015.7140298"},{"key":"19_CR21","doi-asserted-by":"crossref","unstructured":"Savage, S., Wetherall, D., Karlin, A., Anderson, T.: Practical network support for IP traceback. In: ACM SIGCOMM Computer Communication Review, vol. 30. ACM (2000)","DOI":"10.1145\/347059.347560"},{"key":"19_CR22","doi-asserted-by":"crossref","unstructured":"Snoeren, A.C., Partridge, C., Sanchez, L.A., Jones, C.E., Tchakountio, F., Kent, S.T., Strayer, W.T.: Hash-based IP traceback. In: ACM SIGCOMM Computer Communication Review, vol. 31. ACM (2001)","DOI":"10.1145\/383059.383060"},{"key":"19_CR23","unstructured":"Song, D.X., Perrig, A.: Advanced and authenticated marking schemes for IP traceback. In: Proceedings of the 20th Annual Joint Conference of the IEEE Computer and Communications Societies. IEEE (2001)"},{"key":"19_CR24","doi-asserted-by":"crossref","unstructured":"Sun, X., Torres, R., Rao, S.: DDoS attacks by subverting membership management in P2P systems. In: Proceedings of the 3rd IEEE Workshop on Secure Network Protocols (NPSec) (2007)","DOI":"10.1109\/NPSEC.2007.4371618"},{"key":"19_CR25","doi-asserted-by":"crossref","unstructured":"Sun, X., Torres, R., Rao, S.: On the feasibility of exploiting P2P systems to launch DDoS attacks. J. Peer-to-Peer Networking Appl. 3 (2010)","DOI":"10.1007\/s12083-009-0046-6"},{"key":"19_CR26","doi-asserted-by":"crossref","unstructured":"van Rijswijk-Deij, R., Sperotto, A., Pras, A.: DNSSEC and its potential for DDoS attacks - a comprehensive measurement study. In: Proceedings of the Internet Measurement Conference 2014. ACM (2014)","DOI":"10.1145\/2663716.2663731"},{"key":"19_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"205","DOI":"10.1007\/978-3-319-20550-2_11","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"A Wang","year":"2015","unstructured":"Wang, A., Mohaisen, A., Chang, W., Chen, S.: Capturing DDoS attack dynamics behind the scenes. In: Almgren, M., Gulisano, V., Maggi, F. (eds.) DIMVA 2015. LNCS, vol. 9148, pp. 205\u2013215. Springer, Cham (2015). doi: 10.1007\/978-3-319-20550-2_11"},{"key":"19_CR28","doi-asserted-by":"crossref","unstructured":"Wang, X., Reiter, M.K.: Mitigating bandwidth-exhaustion attacks using congestion puzzles. In: Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS) (2004)","DOI":"10.1145\/1030083.1030118"},{"key":"19_CR29","doi-asserted-by":"crossref","unstructured":"Welzel, A., Rossow, C., Bos, H.: On measuring the impact of DDoS botnets. In: Proceedings of the 7th European Workshop on Systems Security (EuroSec) (2014)","DOI":"10.1145\/2592791.2592794"},{"key":"19_CR30","doi-asserted-by":"crossref","unstructured":"Yaar, A., Perrig, A., Song, D.: Pi: a path identification mechanism to defend against DDoS attacks. In: Proceedings of the IEEE Symposium on Security and Privacy (S&P) (2003)","DOI":"10.1109\/SECPRI.2003.1199330"}],"container-title":["Lecture Notes in Computer Science","Research in Attacks, Intrusions, and Defenses"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-66332-6_19","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,4]],"date-time":"2019-10-04T09:19:07Z","timestamp":1570180747000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-66332-6_19"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319663319","9783319663326"],"references-count":30,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-66332-6_19","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2017]]}}}