On measuring the impact of DDoS botnets
暂无分享,去创建一个
Miscreants use DDoS botnets to attack a victim via a large number of malware-infected hosts, combining the bandwidth of the individual PCs. Such botnets have thus a high potential to render targeted services unavailable. However, the actual impact of attacks by DDoS botnets has never been evaluated. In this paper, we monitor C&C servers of 14 DirtJumper and Yoddos botnets and record the DDoS targets of these networks. We then aim to evaluate the availability of the DDoS victims, using a variety of measurements such as TCP response times and analyzing the HTTP content. We show that more than 65% of the victims are severely affected by the DDoS attacks, while also a few DDoS attacks likely failed.
[1] Thorsten Holz,et al. Tracking DDoS Attacks: Insights into the Business of Disrupting the Web , 2012, LEET.
[2] Felix C. Freiling,et al. Sandnet: network traffic analysis of malicious software , 2011, BADGERS '11.
[3] Peter Reiher,et al. A taxonomy of DDoS attack and DDoS defense mechanisms , 2004, CCRV.
[4] Ruby B. Lee,et al. Distributed Denial of Service: Taxonomies of Attacks, Tools, and Countermeasures , 2004, PDCS.