{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:17:21Z","timestamp":1750220241080,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":35,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,10,26]],"date-time":"2022-10-26T00:00:00Z","timestamp":1666742400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-sa\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,10,26]]},"DOI":"10.1145\/3545948.3545959","type":"proceedings-article","created":{"date-parts":[[2022,10,17]],"date-time":"2022-10-17T11:21:49Z","timestamp":1666005709000},"page":"263-275","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":5,"title":["Mirrors in the Sky: On the Potential of Clouds in DNS Reflection-based Denial-of-Service Attacks"],"prefix":"10.1145","author":[{"given":"Ramin","family":"Yazdani","sequence":"first","affiliation":[{"name":"University Of Twente, Netherlands"}]},{"given":"Alden","family":"Hilton","sequence":"additional","affiliation":[{"name":"Brigham Young University, United States of America"}]},{"given":"Jeroen","family":"van der Ham","sequence":"additional","affiliation":[{"name":"University of Twente, Netherlands"}]},{"given":"Roland","family":"van Rijswijk-Deij","sequence":"additional","affiliation":[{"name":"University of Twente, Netherlands"}]},{"given":"Casey","family":"Deccio","sequence":"additional","affiliation":[{"name":"Brigham Young University, United States of America"}]},{"given":"Anna","family":"Sperotto","sequence":"additional","affiliation":[{"name":"University of Twente, Netherlands"}]},{"given":"Mattijs","family":"Jonker","sequence":"additional","affiliation":[{"name":"University of Twente, Netherlands"}]}],"member":"320","published-online":{"date-parts":[[2022,10,26]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Proceedings of the 29th USENIX Security Symposium. 631\u2013648","author":"Afek Yehuda","year":"2020","unstructured":"Yehuda Afek , Anat Bremler-Barr , and Lior Shafir . 2020 . NXNSAttack: Recursive DNS Inefficiencies and Vulnerabilities . In Proceedings of the 29th USENIX Security Symposium. 631\u2013648 . Yehuda Afek, Anat Bremler-Barr, and Lior Shafir. 2020. NXNSAttack: Recursive DNS Inefficiencies and Vulnerabilities. In Proceedings of the 29th USENIX Security Symposium. 631\u2013648."},{"volume-title":"Amazon Route 53 Developer Guide. Retrieved","year":"2022","key":"e_1_3_2_1_2_1","unstructured":"Amazon. 2013. Amazon Route 53 Developer Guide. Retrieved April 1, 2022 from https:\/\/docs.aws.amazon.com\/Route53\/latest\/DeveloperGuide\/route53-dg.pdf Amazon. 2013. Amazon Route 53 Developer Guide. Retrieved April 1, 2022 from https:\/\/docs.aws.amazon.com\/Route53\/latest\/DeveloperGuide\/route53-dg.pdf"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2012.52"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"crossref","unstructured":"Fred Baker and Pekka Savola. March 2004. BCP 84: Ingress Filtering for Multihomed Networks. Online: https:\/\/tools.ietf.org\/search\/bcp84.  Fred Baker and Pekka Savola. March 2004. BCP 84: Ingress Filtering for Multihomed Networks. Online: https:\/\/tools.ietf.org\/search\/bcp84.","DOI":"10.17487\/rfc3704"},{"key":"e_1_3_2_1_5_1","unstructured":"CAIDA. 2020. Spoofer Project. Retrieved April 1 2022 from https:\/\/www.caida.org\/projects\/spoofer\/  CAIDA. 2020. Spoofer Project. Retrieved April 1 2022 from https:\/\/www.caida.org\/projects\/spoofer\/"},{"key":"e_1_3_2_1_6_1","unstructured":"[\n  6\n  ]  Censys.[n.d.]. Retrieved April 1 2022 from ''https:\/\/censys.io''  [6] Censys.[n.d.]. Retrieved April 1 2022 from ''https:\/\/censys.io''"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCNC.2019.8685601"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/3419394.3423649"},{"key":"e_1_3_2_1_9_1","volume-title":"DITL Data.Retrieved","author":"DNS-OARC.","year":"2022","unstructured":"DNS-OARC. 2018. DITL Data.Retrieved April 1, 2022 from https:\/\/www.dns-oarc.net\/oarc\/data\/ditl\/ DNS-OARC. 2018. DITL Data.Retrieved April 1, 2022 from https:\/\/www.dns-oarc.net\/oarc\/data\/ditl\/"},{"key":"#cr-split#-e_1_3_2_1_10_1.1","doi-asserted-by":"crossref","unstructured":"Paul Ferguson and Daniel Senie. 2000. Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing. RFC 2827. https:\/\/doi.org\/10.17487\/RFC2827 10.17487\/RFC2827","DOI":"10.17487\/rfc2827"},{"key":"#cr-split#-e_1_3_2_1_10_1.2","doi-asserted-by":"crossref","unstructured":"Paul Ferguson and Daniel Senie. 2000. Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing. RFC 2827. https:\/\/doi.org\/10.17487\/RFC2827","DOI":"10.17487\/rfc2827"},{"key":"e_1_3_2_1_11_1","unstructured":"[\n  11\n  ]  The\u00a0Shadowserver Foundation.[n.d.]. Retrieved April 1 2022 from ''https:\/\/www.shadowserver.org''  [11] The\u00a0Shadowserver Foundation.[n.d.]. Retrieved April 1 2022 from ''https:\/\/www.shadowserver.org''"},{"volume-title":"Cloud Infrastructure and Platform Services Reviews and Ratings. Online: https:\/\/www.gartner.com\/reviews\/market\/public-cloud-iaas. https:\/\/www.gartner.com\/reviews\/market\/public-cloud-iaas Accessed","year":"2021","key":"e_1_3_2_1_12_1","unstructured":"Gartner. [n.d.]. Cloud Infrastructure and Platform Services Reviews and Ratings. Online: https:\/\/www.gartner.com\/reviews\/market\/public-cloud-iaas. https:\/\/www.gartner.com\/reviews\/market\/public-cloud-iaas Accessed : Dec. 1, 2021 . Gartner. [n.d.]. Cloud Infrastructure and Platform Services Reviews and Ratings. Online: https:\/\/www.gartner.com\/reviews\/market\/public-cloud-iaas. https:\/\/www.gartner.com\/reviews\/market\/public-cloud-iaas Accessed: Dec. 1, 2021."},{"volume-title":"Google Cloud. Retrieved","year":"2022","key":"e_1_3_2_1_13_1","unstructured":"Google. 2022. Advanced VPC concepts , Google Cloud. Retrieved April 1, 2022 from https:\/\/cloud.google.com\/vpc\/docs\/advanced-vpc Google. 2022. Advanced VPC concepts, Google Cloud. Retrieved April 1, 2022 from https:\/\/cloud.google.com\/vpc\/docs\/advanced-vpc"},{"key":"e_1_3_2_1_14_1","volume-title":"2011 ISMA Workshop on Active Internet Measurements.","author":"Huffaker Bradley","year":"2011","unstructured":"Bradley Huffaker , Marina Fomenkov , and K Claffy . 2011 . Geocompare: a comparison of public and commercial geolocation databases . 2011 ISMA Workshop on Active Internet Measurements. Bradley Huffaker, Marina Fomenkov, and K Claffy. 2011. Geocompare: a comparison of public and commercial geolocation databases. 2011 ISMA Workshop on Active Internet Measurements."},{"volume-title":"IP Address to IP Location and Proxy Information. Retrieved","year":"2022","key":"e_1_3_2_1_15_1","unstructured":"IP2Location. [n.d.]. IP Address to IP Location and Proxy Information. Retrieved April 1, 2022 from https:\/\/www.ip2location.com\/ IP2Location. [n.d.]. IP Address to IP Location and Proxy Information. Retrieved April 1, 2022 from https:\/\/www.ip2location.com\/"},{"key":"e_1_3_2_1_16_1","volume-title":"Proceedings of the ACM SIGCOMM Internet Measurement Conference, Vol.\u00a0Part F131937","author":"Jonker Mattijs","year":"2017","unstructured":"Mattijs Jonker , Alistair King , Johannes Krupp , Christian Rossow , Anna Sperotto , and Alberto Dainotti . 2017 . Millions of Targets Under Atack: a Macroscopic Characterization of the DoS Ecosystem . In Proceedings of the ACM SIGCOMM Internet Measurement Conference, Vol.\u00a0Part F131937 . 100\u2013113. https:\/\/doi.org\/10.1145\/3131365.3131383 10.1145\/3131365.3131383 Mattijs Jonker, Alistair King, Johannes Krupp, Christian Rossow, Anna Sperotto, and Alberto Dainotti. 2017. Millions of Targets Under Atack: a Macroscopic Characterization of the DoS Ecosystem. In Proceedings of the ACM SIGCOMM Internet Measurement Conference, Vol.\u00a0Part F131937. 100\u2013113. https:\/\/doi.org\/10.1145\/3131365.3131383"},{"key":"e_1_3_2_1_17_1","volume-title":"Black Ops 2008: It\u2019s The End Of The Cache As We Know It. Retrieved","author":"Kaminsky Dan","year":"2022","unstructured":"Dan Kaminsky . 2008. Black Ops 2008: It\u2019s The End Of The Cache As We Know It. Retrieved April 1, 2022 from kurser.lobner.dk\/dDist\/DMK_BO2K8.pdf Dan Kaminsky. 2008. Black Ops 2008: It\u2019s The End Of The Cache As We Know It. Retrieved April 1, 2022 from kurser.lobner.dk\/dDist\/DMK_BO2K8.pdf"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-44081-7_7"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/2815675.2815683"},{"key":"e_1_3_2_1_20_1","volume-title":"Proceedings of the 23rd USENIX Security Symposium. 111\u2013125","author":"K\u00fchrer Marc","year":"2014","unstructured":"Marc K\u00fchrer , Thomas Hupperich , Christian Rossow , and Thorsten Holz . 2014 . Exit from hell? Reducing the Impact of Amplification DDoS Attacks . In Proceedings of the 23rd USENIX Security Symposium. 111\u2013125 . Marc K\u00fchrer, Thomas Hupperich, Christian Rossow, and Thorsten Holz. 2014. Exit from hell? Reducing the Impact of Amplification DDoS Attacks. In Proceedings of the 23rd USENIX Security Symposium. 111\u2013125."},{"key":"e_1_3_2_1_21_1","unstructured":"[\n  21\n  ]  Measurement Lab.2009. Retrieved April 1 2022 from https:\/\/www.measurementlab.net\/  [21] Measurement Lab.2009. Retrieved April 1 2022 from https:\/\/www.measurementlab.net\/"},{"key":"#cr-split#-e_1_3_2_1_22_1.1","doi-asserted-by":"crossref","unstructured":"Eireann Leverett and Aaron Kaplan. 2017. Towards estimating the untapped potential: a global malicious DDoS mean capacity estimate. Journal of Cyber Policy2(2017) 195-208. https:\/\/doi.org\/10.1080\/23738871.2017.1362020 10.1080\/23738871.2017.1362020","DOI":"10.1080\/23738871.2017.1362020"},{"key":"#cr-split#-e_1_3_2_1_22_1.2","doi-asserted-by":"crossref","unstructured":"Eireann Leverett and Aaron Kaplan. 2017. Towards estimating the untapped potential: a global malicious DDoS mean capacity estimate. Journal of Cyber Policy2(2017) 195-208. https:\/\/doi.org\/10.1080\/23738871.2017.1362020","DOI":"10.1080\/23738871.2017.1362020"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/3131365.3131367"},{"key":"e_1_3_2_1_24_1","volume-title":"Proceedings of the ACM Conference on Computer and Communications Security. 465\u2013480","author":"Luckie Matthew","year":"1953","unstructured":"Matthew Luckie , Ken Keys , Robert Beverly , Joshua\u00a0 A. Kroll , Ryan Koga , and K. Claffy . 2019. Network Hygiene, Incentives, and Regulation: Deployment of Source Address Validation in the Internet . In Proceedings of the ACM Conference on Computer and Communications Security. 465\u2013480 . https:\/\/doi.org\/10.1145\/33 1953 5.3354232 10.1145\/3319535.3354232 Matthew Luckie, Ken Keys, Robert Beverly, Joshua\u00a0A. Kroll, Ryan Koga, and K. Claffy. 2019. Network Hygiene, Incentives, and Regulation: Deployment of Source Address Validation in the Internet. In Proceedings of the ACM Conference on Computer and Communications Security. 465\u2013480. https:\/\/doi.org\/10.1145\/3319535.3354232"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/3487552.3487835"},{"key":"e_1_3_2_1_26_1","volume-title":"Route Views Project. Retrieved","author":"University of Oregon. [n.d.].","year":"2022","unstructured":"University of Oregon. [n.d.]. Route Views Project. Retrieved April 1, 2022 from http:\/\/www.routeviews.org University of Oregon. [n.d.]. Route Views Project. Retrieved April 1, 2022 from http:\/\/www.routeviews.org"},{"key":"e_1_3_2_1_27_1","volume-title":"Behavioral Analysis of Open DNS Resolvers. In 49th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks. IEEE, 493\u2013504","author":"Park Jeman","year":"2019","unstructured":"Jeman Park , Aminollah Khormali , Manar Mohaisen , and Aziz Mohaisen . 2019 . Where Are You Taking Me? Behavioral Analysis of Open DNS Resolvers. In 49th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks. IEEE, 493\u2013504 . https:\/\/doi.org\/10.1109\/DSN.2019.00057 10.1109\/DSN.2019.00057 Jeman Park, Aminollah Khormali, Manar Mohaisen, and Aziz Mohaisen. 2019. Where Are You Taking Me? Behavioral Analysis of Open DNS Resolvers. In 49th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks. IEEE, 493\u2013504. https:\/\/doi.org\/10.1109\/DSN.2019.00057"},{"key":"e_1_3_2_1_28_1","unstructured":"[\n  28\n  ]  Open\u00a0Resolver Project.[n.d.]. Retrieved April 1 2022 from https:\/\/web.archive.org\/web\/20200603050044http:\/\/openresolverproject.org\/  [28] Open\u00a0Resolver Project.[n.d.]. Retrieved April 1 2022 from https:\/\/web.archive.org\/web\/20200603050044http:\/\/openresolverproject.org\/"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC1918"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23233"},{"volume-title":"Website Discovery and Reviews. Retrieved","year":"2022","key":"e_1_3_2_1_31_1","unstructured":"Statvoo. [n.d.]. Website Discovery and Reviews. Retrieved April 1, 2022 from https:\/\/statvoo.com\/top\/sites Statvoo. [n.d.]. Website Discovery and Reviews. Retrieved April 1, 2022 from https:\/\/statvoo.com\/top\/sites"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/ECRIME.2017.7945057"},{"key":"e_1_3_2_1_33_1","unstructured":"Paul Vixie. 2013. On the Time Value of Security Features in DNS. Online: https:\/\/www.circleid.com\/posts\/20130913_on_the_time_value_of_security_features_in_dns\/. https:\/\/www.circleid.com\/posts\/20130913_on_the_time_value_of_security_features_in_dns\/ Accessed: Dec. 1 2021.  Paul Vixie. 2013. On the Time Value of Security Features in DNS. Online: https:\/\/www.circleid.com\/posts\/20130913_on_the_time_value_of_security_features_in_dns\/. https:\/\/www.circleid.com\/posts\/20130913_on_the_time_value_of_security_features_in_dns\/ Accessed: Dec. 1 2021."}],"event":{"name":"RAID 2022: 25th International Symposium on Research in Attacks, Intrusions and Defenses","acronym":"RAID 2022","location":"Limassol Cyprus"},"container-title":["Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3545948.3545959","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3545948.3545959","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T19:30:27Z","timestamp":1750188627000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3545948.3545959"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,10,26]]},"references-count":35,"alternative-id":["10.1145\/3545948.3545959","10.1145\/3545948"],"URL":"https:\/\/doi.org\/10.1145\/3545948.3545959","relation":{},"subject":[],"published":{"date-parts":[[2022,10,26]]},"assertion":[{"value":"2022-10-26","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}