{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,2]],"date-time":"2026-04-02T16:10:29Z","timestamp":1775146229563,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":33,"publisher":"ACM","license":[{"start":{"date-parts":[[2021,11,12]],"date-time":"2021-11-12T00:00:00Z","timestamp":1636675200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2021,11,12]]},"DOI":"10.1145\/3460120.3484747","type":"proceedings-article","created":{"date-parts":[[2021,11,13]],"date-time":"2021-11-13T12:05:34Z","timestamp":1636805134000},"page":"940-954","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":29,"title":["Scan, Test, Execute: Adversarial Tactics in Amplification DDoS Attacks"],"prefix":"10.1145","author":[{"given":"Harm","family":"Griffioen","sequence":"first","affiliation":[{"name":"Hasso Plattner Institute, Potsdam, Germany"}]},{"given":"Kris","family":"Oosthoek","sequence":"additional","affiliation":[{"name":"Technische Universiteit Delft, Delft, Netherlands"}]},{"given":"Paul","family":"van der Knaap","sequence":"additional","affiliation":[{"name":"Technische Universiteit Delft, Delft, Netherlands"}]},{"given":"Christian","family":"Doerr","sequence":"additional","affiliation":[{"name":"Hasso Plattner Institute, Potsdam, Germany"}]}],"member":"320","published-online":{"date-parts":[[2021,11,13]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"https:\/\/cloud.google.com\/blog\/products\/identity-security\/identifying-and-protecting-against-the-largest-ddos-attacks accessed at 2021-05-05."},{"key":"e_1_3_2_1_2_1","unstructured":"https:\/\/www.speedtest.net\/global-index accessed at 2021-05-05."},{"key":"e_1_3_2_1_3_1","first-page":"39","author":"Anagnostopoulos M.","year":"2013","unstructured":"Anagnostopoulos, M., Kambourakis, G., Kopanos, P., Louloudakis, G., and Gritzalis, S. DNS amplification attack revisited. Computers & Security 39 (2013).","journal-title":"Computers & Security"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/3098954.3098985"},{"key":"e_1_3_2_1_5_1","volume-title":"5th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET 12)","author":"B\u00fcscher A.","year":"2012","unstructured":"B\u00fcscher, A., and Holz, T. Tracking DDoS attacks: Insights into the business of disrupting the web. In 5th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET 12) (2012)."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2663716.2663717"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813703"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/NTMS.2014.6814019"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-57878-7_14"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/NTMS.2019.8763820"},{"key":"e_1_3_2_1_11_1","volume-title":"IFIP Networking","author":"Griffioen H.","year":"2020","unstructured":"Griffioen, H., and Doerr, C. Quantifying TCP SYN DDoS Resilience: A Longitudinal Study of Internet Services. In IFIP Networking (2020)."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1080\/01639625.2016.1169829"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3131365.3131383"},{"key":"e_1_3_2_1_14_1","volume-title":"Rent to pwn: Analyzing commodity booter DDoS services. Usenix login 38","author":"Karami M.","year":"2013","unstructured":"Karami, M., and McCoy, D. Rent to pwn: Analyzing commodity booter DDoS services. Usenix login 38 (2013)."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/2872427.2883004"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/3355369.3355590"},{"key":"e_1_3_2_1_17_1","volume-title":"International Symposium on Recent Advances in Intrusion Detection","author":"Kr","year":"2015","unstructured":"Kr\"amer, L., Krupp, J., Makita, D., Nishizoe, T., Koide, T., Yoshioka, K., and Rossow, C. Amppot: Monitoring and defending against amplification DDoS attacks. In International Symposium on Recent Advances in Intrusion Detection (2015), Springer."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978293"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-66332-6_19"},{"key":"e_1_3_2_1_20_1","volume-title":"Reducing the Impact of Amplification DDoS Attacks. In 23rd USENIX Security Symposium (USENIX Security 14)","author":"K\u00fchrer M.","year":"2014","unstructured":"K\u00fchrer, M., Hupperich, T., Rossow, C., and Holz, T. Exit from Hell? Reducing the Impact of Amplification DDoS Attacks. In 23rd USENIX Security Symposium (USENIX Security 14) (2014)."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-15509-8_2"},{"key":"e_1_3_2_1_22_1","volume-title":"The best bang for the byte: Characterizing the potential of DNS amplification attacks. Computer Networks","author":"MacFarland D. C.","year":"2017","unstructured":"MacFarland, D. C., Shue, C. A., and Kalafut, A. J. The best bang for the byte: Characterizing the potential of DNS amplification attacks. Computer Networks (2017)."},{"key":"e_1_3_2_1_23_1","first-page":"02","author":"Matherly J.","year":"2016","unstructured":"Matherly, J. Complete guide to shodan. Shodan, LLC (2016-02--25) 1 (2015).","journal-title":"Shodan"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/505659.505664"},{"key":"e_1_3_2_1_25_1","first-page":"13","author":"Prince M.","year":"2014","unstructured":"Prince, M. Technical details behind a 400Gbps NTP amplification DDoS attack. Cloudflare, Inc 13 (2014).","journal-title":"Inc"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/3355369.3355595"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23233"},{"key":"e_1_3_2_1_28_1","volume-title":"Characterization and analysis of NTP amplification based DDoS attacks. In 2015 Information Security for South Africa (ISSA)","author":"Rudman L.","year":"2015","unstructured":"Rudman, L., and Irwin, B. Characterization and analysis of NTP amplification based DDoS attacks. In 2015 Information Security for South Africa (ISSA) (2015), IEEE."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/INM.2015.7140298"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/PST.2016.7906966"},{"key":"e_1_3_2_1_31_1","volume-title":"Method for effectively detecting and defending domain name server (DNS) amplification attacks","author":"Sun Z.","year":"2011","unstructured":"Sun, Z., Liu, B., and Hu, C. Method for effectively detecting and defending domain name server (DNS) amplification attacks, 2011."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/ECRIME.2017.7945057"},{"key":"e_1_3_2_1_33_1","volume-title":"12th USENIX Workshop on Offensive Technologies (WOOT 18)","author":"Vetterl A.","year":"2018","unstructured":"Vetterl, A., and Clayton, R. Bitter harvest: Systematically fingerprinting low-and medium-interaction honeypots at internet scale. In 12th USENIX Workshop on Offensive Technologies (WOOT 18) (2018)."}],"event":{"name":"CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security","location":"Virtual Event Republic of Korea","acronym":"CCS '21","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3460120.3484747","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3460120.3484747","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T20:49:27Z","timestamp":1763498967000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3460120.3484747"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,11,12]]},"references-count":33,"alternative-id":["10.1145\/3460120.3484747","10.1145\/3460120"],"URL":"https:\/\/doi.org\/10.1145\/3460120.3484747","relation":{},"subject":[],"published":{"date-parts":[[2021,11,12]]},"assertion":[{"value":"2021-11-13","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}