Stress Testing the Booters: Understanding and Undermining the Business of DDoS Services
This addresses the problem of commoditized DDoS attacks for businesses and individuals, with incremental contributions in understanding and disrupting these services.
The paper tackled the problem of DDoS-for-hire services by empirically measuring their technical and payment infrastructure, analyzing data from three major booters to understand customers and victims, and conducting a payment intervention with PayPal to evaluate effectiveness, showing these services are responsible for hundreds of thousands of DDoS attacks and identifying methods to undermine them.
DDoS-for-hire services, also known as booters, have commoditized DDoS attacks and enabled abusive subscribers of these services to cheaply extort, harass and intimidate businesses and people by knocking them offline. However, due to the underground nature of these booters, little is known about their underlying technical and business structure. In this paper we empirically measure many facets of their technical and payment infrastructure. We also perform an analysis of leaked and scraped data from three major booters---Asylum Stresser, Lizard Stresser and VDO---which provides us with an in-depth view of their customers and victims. Finally, we conduct a large-scale payment intervention in collaboration with PayPal and evaluate its effectiveness. Based on our analysis we show that these services are responsible for hundreds of thousands of DDoS attacks and identify potentially promising methods of increasing booters' costs and undermining these services.