1. Booter blacklist: Unveiling DDoS-for-hire websites
- Author
Santanna, Jose Jair, Schmidt, Ricardo De O., Tuncer, Daphne, De Vries, Joey, Granville, Lisandro Z., Pras, Aiko, Keith-Marsoun, Shannon, dos Santos, Carlos Raniery Paula, Limam, Noura, Cheriet, Mohamed, Zhani, Mohamed Faten, and Festor, Olivier
- Subjects
Computer science, business.industry, 020206 networking & telecommunications, Denial-of-service attack, 02 engineering and technology, Crawling, Computer security, computer.software_genre, Blacklist, Set (abstract data type), World Wide Web, 020204 information systems, Research community, 0202 electrical engineering, electronic engineering, information engineering, The Internet, Suspect, business, computer
- Abstract
The expansion of Distributed Denial of Service (DDoS) for hire websites, known as Booters, has radically modified both the scope and stakes of DDoS attacks. Until recently, however, Booters have only received little attention from the research community. Given their impact, addressing the challenges associated with this phenomenon is crucial. In this paper, we present a rigorous methodology to identify a comprehensive set of existing Booters in the Internet. The methodology relies on well-defined mechanisms to generate a Booter blacklist, from crawling suspect URLs to characterizing and classifying the collected URLs. The list obtained using the methodology presented in this paper has a classification accuracy of 95.5%, which is 10.5% better compared to previous work. We also demonstrate the usage of our methodology applied by the Dutch NREN, SURFNet, which started using our blacklist to extend their Booters' activities monitoring.
- Published
- 2016