Product Design to
Online Business
jairsantanna.com
Jair Santanna
16/03/2016
http://bit.ly/1PbjuaF
[More than 5500 companies in 26 countries]
"Enterprises lose $417,000
SMBs lose $53,000"
Distributed Denial of Service (DDoS)
http://bit.ly/1LpXoqd [Q4 2014]
[state of the internet] / security
90%
2013
2014
2015
http://bit.ly/1Rkt4zy [Q4 2015]
148.85%
Two Goals
What have I been doing to shut down Booters' services?
Does a similar approach pose a threat to your (future) product?
What threat do DDoS attacks pose to your (future) product?
Distributed Denial of Service (DDoS)
Denial of Service (DoS)
Distributed Denial of Service (DDoS)
Direct Attack
Indirect Attack
Reflected Attack
who is controlling it?
Big Picture
7 Types Layer 3&4
9 Types App. Layer
[Figure: number of Booters (#Booters, axis 0 to 250) over time (2010 to 2020); legend: Registration Date, Expiration Date, Registration Interval, First Passive DNS]
284 Booters
Prices
The Booter Phenomenon:
They Are a Legion
José Jair Santanna*, Joey de Vries*, Anna Sperotto*, Lisandro Zambenedetti Granville†, and Aiko Pras*
* University of Twente, The Netherlands
E-mail: j.j.santanna, j.devries-1, a.sperotto, a.pras@utwente.nl
† Federal University of Rio Grande do Sul
E-mail: granville@inf.ufrgs.br
Abstract—Distributed Denial of Service (DDoS) is a type of
network attack that aims to make target systems unreachable. In
the past, performing DDoS attacks required specialized knowledge
from attackers. Nowadays, however, even inexperienced Internet
users became able to launch those attacks. Thanks to Booters,
websites that offer DDoS as a service, anyone can launch attacks
at prices starting from 5 Dollars. The goal of this paper is to
increase awareness about the Booter phenomenon. By analyzing
an extensive list of Booters we reveal how they have evolved over
time, to whom/where their IP addresses are pointing, their
pricing schemas, and the severity of the services offered by them.
I. INTRODUCTION
Distributed Denial of Service (DDoS) is a type of network
attack that makes target systems unreachable by overloading
the targets’ resources (e.g., network connectivity and computer
memory). Famous DDoS episodes against Internet services
include a 300 Gbps attack against SpamHaus in 2013 [1] and a
400 Gbps attack against a CloudFlare customer in 2014 [2], the
largest attack reported so far. DDoS accounts, as a result, for
millions in revenue losses, reputation damage, and degradation
of the relationship between customers and companies.
DDoS involves a sophisticated orchestration of third party
compromised machines that, under the control of an attacker,
generate harmful traffic against a target victim. Performing a
DDoS attack requires specialized knowledge from the attacker,
especially in disciplines such as network protocols, distributed
systems, and computer security. More recently, however, even
inexperienced Internet users became able to carry out DDoS
attacks thanks to the phenomenon usually referred to as
Booters [3].
Booters are websites that offer hundreds of DDoS attacks
as services, typically charging, today, prices starting from 5
USD. Booters encapsulate DDoS attacks inside Web systems
that dispense with the experienced attacker. As such, ordinary,
non-technical Internet users can easily order DDoS attacks
against victim systems or users. The consequence is that the
amount of potential DDoS attacks is not bound to the number
of expert attackers anymore; it is now a function of the number
of users willing to pay for the service, regardless of their level
of technical expertise.
Although there are undergoing investigations about the
Booter phenomenon, our goal in this article is to present a
comprehensive landscape of Booters. To that end, we analyze
the most extensive list of Booters to date and show how
Booters have evolved along the recent years. With that, our
three main contributions in this article are:
• We propose a methodology to find and catalog hundreds of Booters;
• We show how Booters have evolved along the last
years, based on historical data collected in North
America networks;
• We provide an analysis about the Booters’ market by
revealing the characteristics of offered services and
pricing schemas used by Booters.
We present the Booters’ current landscape according to
the following organization. First, in the next Section, we
describe the steps we took to create a comprehensive list of
Booters. Afterwards, we utilize this list of Booters to analyze
four main aspects: (i) the evolution of Booters over time,
(ii) the IP addresses that Booter websites point to and the
relationship with DDoS protection companies, (iii) the pricing
schemas in the Booter market, and (iv) the characteristics of
services offered by Booters. We finally conclude this article
summarizing our findings and discussing future perspectives.
II. CATALOGING BOOTERS
The first public signs of the Booter phenomenon started in
2012 [4], and already in 2013 Booters became popular because
of the significant number of DDoS attacks ascribed to users
of Booter websites [5]. That emphasized the severity of the
phenomenon and motivated security specialists to investigate it.
Inspired by the work of Krebs [6], Orgy [7], and an anonymous
author [8], we draw the picture of the phenomenon by first
creating a comprehensive list of Booters.
[Figure 1 diagram labels: Booter Crawler, Booter Classifier, Keywords, Passive DNS, TLD, Query, Booter-Related, Booter List, BDN, BDN+, Collaborators' Lists]
Fig. 1. Booter list generation workflow.
The workflow of our methodology, depicted in Figure 1,
starts with the Booter Crawler. It systematically searches the
[Figure: Payment Systems. Number of Booters (#Booters, axis 0 to 90) per payment system: PayPal, Bitcoin, Paysafecard, CoinPayments, Starpass, Skrill, Litecoin, Youpass, Creditcard, OKPay, Payza, Liberty Reserve, RSGP, PerfectMoney, TrueMoney]
Stress Testing the Booters: Understanding and
Undermining the Business of DDoS Services
Mohammad Karami
George Mason University
Youngsam Park
University of Maryland,
College Park
Damon McCoy
International Computer
Science Institute
ABSTRACT
DDoS-for-hire services, also known as booters, have commoditized DDoS attacks and enabled abusive subscribers of these services to cheaply extort, harass and intimidate businesses and people by knocking them offline. However, due to the underground nature of these booters, little is known about their underlying technical and business structure. In this paper we empirically measure many facets of their technical and payment infrastructure. We also perform an analysis of leaked and scraped data from three major booters—Asylum Stresser, Lizard Stresser and VDO—which provides us with an in-depth view of their customers and victims. Finally, we conduct a large-scale payment intervention in collaboration with PayPal and evaluate its effectiveness. Based on our analysis we show that these services are responsible for hundreds of thousands of DDoS attacks and identify potentially promising methods of increasing booters’ costs and undermining these services.
1. INTRODUCTION
Distributed Denial-of-Service (DDoS) attacks are becoming a growing threat with high profile DDoS attacks disrupting many large scale gaming services, such as Microsoft’s XBox Live and Sony’s PlayStation networks at the end of 2014 [4]. These attacks were later claimed to be launched by the Lizard Squad as advertisements for their new DDoS-for-hire service called Lizard Stresser [3]. There is a long line of technical work exploring how to detect and mitigate these types of attacks [9,10,14,20,21,23,24,33].
However, a large amount of DDoS attacks are being launched by relatively unsophisticated attackers that have purchased subscriptions to low-cost DDoS-for-hire (commonly called booter) services. These services are operated by profit-motivated adversaries that have scaled up their DDoS infrastructure to meet the increasing demand for DDoS attacks. Despite the threat they pose, little is known about the structures of these booter services and potential weaknesses in their operations that could be used to undermine them.
In this paper we undertake a large scale measurement study of these booter services to understand how they are structured both technologically and economically with the focus of isolating potential weaknesses. We explore booters from three different angles including analysis of leaked and scraped data, measurements of their attack infrastructure and a payment intervention.
Our analysis of leaked and scraped data from three booters—Asylum Stresser, Lizard Stresser and VDO¹—demonstrates that these services have attracted over 6,000 subscribers and have launched over 600,000 attacks. We also find that the majority of booter customers prefer paying via PayPal and that Lizard Stresser, which only accepted Bitcoin, had a minuscule 2% sign-up to paid subscriber conversion rate compared to 15% for Asylum Stresser and 23% for VDO, which both accepted PayPal. By analyzing attack traffic directed at our own servers we are able to characterize the set of amplifiers they use to direct large amounts of traffic at their victims. In order to measure the resilience of their payment infrastructure, we conduct a payment intervention in collaboration with PayPal. Our evaluation of the effectiveness of this approach suggests that it is a promising method for reducing the subscriber base of booters.
In this paper, we further our understanding of the booter ecosystem through our measurements. Based on this we identify potential improvements to ongoing efforts to disrupt their attack infrastructure and an alternative and possibly more effective method of undermining these services by targeting their payment infrastructure. Overall, we find a few places where costs might be marginally increased by more precisely mapping out and targeting parts of their attack infrastructure. We document how a large-scale payment intervention by PayPal impacts booters, including service closures. Finally, we detail some of their strategies for evading detection by PayPal and discuss how these increase the effort and costs associated with performing an ongoing payment intervention.
¹ We assign each booter service a unique three letter code based on their domain name to avoid unintentionally advertising their services. The two exceptions are Asylum Stresser, which ceased operation before our study and Lizard Stresser, which has already been highly publicized.
arXiv:1508.03410v1 [cs.CR] 14 Aug 2015
23 Booters
Very good?
Big Picture
93% Subscribed
CloudFlare Services
Black Hat USA 2013 - Spy-Jacking the Booters
we want!
but …
Big Picture
14 Booters
Big Picture
15 "Leaked" databases
Concrete Steps
Towards Mitigation.
284 Booter domain names
111 online Booters
github.com/jjsantanna/Booter-black-List
1434735481, Q(Q), c861aaa8307395e94c0bc1d88e9846ff168071252198640801b108219b3899be, IN, A, quezstresser.com.
1434735481, Q(R), c861aaa8307395e94c0bc1d88e9846ff168071252198640801b108219b3899be, IN, A, quezstresser.com., NOERROR
1434735481, R(ANS), c861aaa8307395e94c0bc1d88e9846ff168071252198640801b108219b3899be, IN, A, 185.62.190.40
1434832019, Q(Q), c861aaa8307395e94c0bc1d88e9846ff168071252198640801b108219b3899be, IN, A, stagestresser.com.
1434832019, Q(R), c861aaa8307395e94c0bc1d88e9846ff168071252198640801b108219b3899be, IN, A, stagestresser.com., NOERROR
1434832019, R(ANS), c861aaa8307395e94c0bc1d88e9846ff168071252198640801b108219b3899be, IN, A, 141.101.118.99
1434832019, R(ANS), c861aaa8307395e94c0bc1d88e9846ff168071252198640801b108219b3899be, IN, A, 141.101.118.98
Passive DNS data
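As an added example (not part of the slides or the authors' tooling), the Python below parses records in the comma-separated layout shown above, joins each answer to its query, and reports which resolved names fall under a domain blacklist, together with the first time each name was seen. It assumes the third column is an anonymised client identifier and that `R(ANS)` lines belong to the preceding `Q(R)` line with the same timestamp and identifier; the sample records, the blacklist and all function names are constructed for illustration.

```python
import ipaddress
from collections import namedtuple

Record = namedtuple("Record", "ts kind client rclass rtype value rcode")

# Constructed sample in the slide's layout: reserved .example names,
# documentation IP ranges and a placeholder client identifier.
SAMPLE = """\
1434735481, Q(Q), c0ffee01, IN, A, stresser-one.example.
1434735481, Q(R), c0ffee01, IN, A, stresser-one.example., NOERROR
1434735481, R(ANS), c0ffee01, IN, A, 192.0.2.40
1434832019, Q(Q), c0ffee01, IN, A, www.stresser-two.example.
1434832019, Q(R), c0ffee01, IN, A, www.stresser-two.example., NOERROR
1434832019, R(ANS), c0ffee01, IN, A, 198.51.100.99
1434832019, R(ANS), c0ffee01, IN, A, 198.51.100.98
1434832500, Q(Q), c0ffee02, IN, A, gone.example.
1434832500, Q(R), c0ffee02, IN, A, gone.example., NXDOMAIN
1434832600, Q(Q), c0ffee02, IN, A, shop.example.
1434832600, Q(R), c0ffee02, IN, A, shop.example., NOERROR
1434832600, R(ANS), c0ffee02, IN, A, 203.0.113.7
1434900000, Q(R), c0ffee03, IN, A, stresser-one.example., NOERROR
1434900000, R(ANS), c0ffee03, IN, A, 192.0.2.41
garbage line
"""

# Constructed blacklist; a real one would be loaded from a maintained list.
BLACKLIST = {"stresser-one.example", "stresser-two.example"}


def parse_line(line):
    """Split one record; return None for blank or malformed lines."""
    fields = [f.strip() for f in line.split(",")]
    if len(fields) not in (6, 7) or not fields[0].isdigit():
        return None
    ts, kind, client, rclass, rtype, value = fields[:6]
    if kind not in ("Q(Q)", "Q(R)", "R(ANS)"):
        return None
    rcode = fields[6] if len(fields) == 7 else None
    return Record(int(ts), kind, client, rclass, rtype, value, rcode)


def normalise(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.rstrip(".").lower()


def build_resolutions(lines):
    """Return {domain: {"first_seen": ts, "ips": set}} for NOERROR A lookups."""
    pending = {}  # (ts, client) -> domain named in the latest Q(R) line
    seen = {}
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec.rtype != "A":
            continue
        key = (rec.ts, rec.client)
        if rec.kind == "Q(R)":
            if rec.rcode != "NOERROR":
                pending.pop(key, None)  # failed lookup: nothing to attach
                continue
            domain = normalise(rec.value)
            pending[key] = domain
            entry = seen.setdefault(domain, {"first_seen": rec.ts, "ips": set()})
            entry["first_seen"] = min(entry["first_seen"], rec.ts)
        elif rec.kind == "R(ANS)" and key in pending:
            try:
                ipaddress.ip_address(rec.value)
            except ValueError:
                continue  # answer is not an address; skip it
            seen[pending[key]]["ips"].add(rec.value)
    return seen


def match_blacklist(resolutions, blacklist):
    """Match each resolved name, or any parent domain of it, against the list."""
    listed = {normalise(d) for d in blacklist}
    hits = {}
    for domain, info in resolutions.items():
        labels = domain.split(".")
        for i in range(len(labels) - 1):  # never match on the bare TLD
            candidate = ".".join(labels[i:])
            if candidate in listed:
                hits[domain] = {"listed_as": candidate, **info}
                break
    return hits


if __name__ == "__main__":
    found = match_blacklist(build_resolutions(SAMPLE.splitlines()), BLACKLIST)
    for name, info in sorted(found.items()):
        print(name, info["listed_as"], info["first_seen"], sorted(info["ips"]))
```
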
*Roland
Measure more attacks!
CERTs, CSIRTs,
AntiAbusing
(ToDo!)
<attack>.pcap
<attack>.log
*FILTER, META-DESCRIPTOR, Attack Fingerprint
Database
<attack>.nfcapd
The Biggest Open
Database of Attacks!
Marel Q1 2024 Investor Presentation from May 8, 2024
 
Organizational Transformation Lead with Culture
Organizational Transformation Lead with CultureOrganizational Transformation Lead with Culture
Organizational Transformation Lead with Culture
 
Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000
Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000
Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
 
(Anamika) VIP Call Girls Napur Call Now 8617697112 Napur Escorts 24x7
(Anamika) VIP Call Girls Napur Call Now 8617697112 Napur Escorts 24x7(Anamika) VIP Call Girls Napur Call Now 8617697112 Napur Escorts 24x7
(Anamika) VIP Call Girls Napur Call Now 8617697112 Napur Escorts 24x7
 
JAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
JAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLJAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
JAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
 

20160316_tbk_bit_module7

  • 1. Product Design to Online Business jairsantanna.com Jair Santanna 16/03/2016
  • 5. http://bit.ly/1PbjuaF [More than 5500 companies in 26 countries] "Enterprises lose $417,000 SMBs lose $53,000"
  • 7. http://bit.ly/1LpXoqd [Q4 2014] [state of the internet] / security 90% 2013 2014 2015 http://bit.ly/1Rkt4zy [Q4 2015] 148.85%
  • 8. Two Goals: What have I been doing to shut down Booters' services? Does a similar approach pose a threat to your (future) Product? What threat do DDoS attacks pose to your (future) Product?
  • 21. 7 Types Layer 3&4 9 Types App. Layer
  • 22. 284 Booters. Prices.
    [Figure: #Booters over Time, 2010 to 2020; series: Registration Date, Expiration Date, Registration Interval, First Passive DNS]

    The Booter Phenomenon: They Are a Legion
    José Jair Santanna*, Joey de Vries*, Anna Sperotto*, Lisandro Zambenedetti Granville†, and Aiko Pras*
    * University of Twente, The Netherlands. E-mail: j.j.santanna, j.devries-1, a.sperotto, a.pras@utwente.nl
    † Federal University of Rio Grande do Sul. E-mail: granville@inf.ufrgs.br

    Abstract—Distributed Denial of Service (DDoS) is a type of network attack that aims to make target systems unreachable. In the past, to perform DDoS attacks require specialize knowledge from attackers. Nowadays, however, even inexperienced Internet users became able to launch those attacks. Thanks to Booters, websites that offer DDoS as a service, anyone can launch attacks at price starting from 5 Dollars. The goal of this paper is to increase awareness about the Booter phenomenon. By analyzing an extensive list of Booters we reveal how they have evolve over time, to whom/where their IP address are pointing to, their pricing schemas, and the severity of the services offered by them.

    I. INTRODUCTION

    Distributed Denial of Service (DDoS) is a type of network attack that makes target systems unreachable by overloading the targets’ resources (e.g., network connectivity and computer memory). Famous DDoS episodes against Internet services include a 300 Gbps attack against SpamHaus in 2013 [1] and a 400 Gbps attack against a CloudFlare customer in 2014 [2], the largest attack reported so far. DDoS accounts, as a result, for millions in revenue losses, reputation damage, and degradation of the relationship between customers and companies. DDoS involves a sophisticated orchestration of third party compromised machines that, under the control of an attacker, generate harmful traffic against a target victim.

    Performing a DDoS attack requires specialized knowledge from the attacker, especially in disciplines such as network protocols, distributed systems, and computer security. More recently, however, even inexperienced Internet users became able to carry out DDoS attacks thanks to the phenomenon usually referred to as Booters [3]. Booters are websites that offer hundreds of DDoS attacks as services, typically charging, today, prices starting from 5 USD. Booters encapsulate DDoS attacks inside Web systems that dispense with the experience attacker. As such, ordinary, non-technical Internet users can easily order DDoS attacks against victim systems or users. The consequence is that the amount of potential DDoS attacks is not bound to the number of expert attackers anymore; it is now a function of the number of users willing to pay for the service, regardless of their level of technical expertise.

    Although there are undergoing investigations about the Booter phenomenon, our goal in this article is to present a comprehensive landscape of Booters. To that end, we analyze the most extensive list of Booters to date and show how Booters have evolved along the recent years. With that, our three main contributions in this article are:
      • We propose a methodology to find and catalog hundreds of Booters;
      • We show how Booters have evolved along the last years, based on historical data collected in North America networks;
      • We provide an analysis about the Booters’ market by revealing the characteristics of offered services and pricing schemas used by Booters.

    We present the Booters’ current landscape according to the following organization. First, in the next Section, we describe the steps we took to create a comprehensive list of Booters. Afterwards, we utilize this list of Booters to analyze four main aspects: (i) the evolution of Booters over time, (ii) the IP addresses that Booter websites point to and the relationship with DDoS protection companies, (iii) the pricing schemas in the Booter market, and (iv) the characteristics of services offered by Booters. We finally conclude this article summarizing our findings and discussing future perspectives.

    II. CATALOGING BOOTERS

    The first public signs of the Booter phenomenon started in 2012 [4], and already in 2013 Booters became popular because of the significant number of DDoS attacks ascribed to users of Booter websites [5]. That emphasized the severity of the phenomenon and motivated security specialists to investigate it. Inspired by the work of Krebs [6], Orgy [7], and an anonymous author [8], we draw the picture of the phenomenon by first creating a comprehensive list of Booters.

    [Fig. 1. Booter list generation workflow. Diagram labels: Booter Crawler, Booter Classifier, Keywords, Passive DNS, TLD, Query, Booter-Related, BOOTER LIST, BDN, BDN+, Collaborators' Lists]

    The workflow of our methodology, depicted in Figure 1, starts with the Booter Crawler. It systematically searches the

    Payment Systems
    [Figure: #Booters (0 to 90) per payment system; x-axis: PayPal, Bitcoin, Paysafecard, CoinPayments, Starpass, Skrill, Litecoin, Youpass, Creditcard, OKPay, Payza, Liberty Reserve, RSGP, PerfectMoney, TrueMoney]
  • 23. 23 Booters

    Stress Testing the Booters: Understanding and Undermining the Business of DDoS Services
    Mohammad Karami (George Mason University), Youngsam Park (University of Maryland, College Park), Damon McCoy (International Computer Science Institute)
    arXiv:1508.03410v1 [cs.CR] 14 Aug 2015

    ABSTRACT

    DDoS-for-hire services, also known as booters, have commoditized DDoS attacks and enabled abusive subscribers of these services to cheaply extort, harass and intimidate businesses and people by knocking them offline. However, due to the underground nature of these booters, little is known about their underlying technical and business structure. In this paper we empirically measure many facets of their technical and payment infrastructure. We also perform an analysis of leaked and scraped data from three major booters—Asylum Stresser, Lizard Stresser and VDO—which provides us with an in-depth view of their customers and victims. Finally, we conduct a large-scale payment intervention in collaboration with PayPal and evaluate its effectiveness. Based on our analysis we show that these services are responsible for hundreds of thousands of DDoS attacks and identify potentially promising methods of increasing booters’ costs and undermining these services.

    1. INTRODUCTION

    Distributed Denial-of-Service (DDoS) attacks are becoming a growing threat with high profile DDoS attacks disrupting many large scale gaming services, such as Microsoft’s XBox Live and Sony’s PlayStation networks at the end of 2014 [4]. These attacks were later claimed to be launched by the Lizard Squad as advertisements for their new DDoS-for-hire service called Lizard Stresser [3]. There is a long line of technical work exploring how to detect and mitigate these types of attacks [9,10,14,20,21,23,24,33].

    However, a large amount of DDoS attacks are being launched by relatively unsophisticated attackers that have purchased subscriptions to low-cost DDoS-for-hire (commonly called booter) services. These services are operated by profit-motivated adversaries that have scaled up their DDoS infrastructure to meet the increasing demand for DDoS attacks. Despite the threat they pose, little is known about the structures of these booter services and potential weaknesses in their operations that could be used to undermine them.

    In this paper we undertake a large scale measurement study of these booter services to understand how they are structured both technologically and economically with the focus of isolating potential weaknesses. We explore booters from three different angles including analysis of leaked and scraped data, measurements of their attack infrastructure and a payment intervention.

    Our analysis of leaked and scraped data from three booters—Asylum Stresser, Lizard Stresser and VDO¹—demonstrates that these services have attracted over 6,000 subscribers and have launched over 600,000 attacks. We also find that the majority of booter customers prefer paying via PayPal and that Lizard Stresser, which only accepted Bitcoin, had a minuscule 2% sign-up to paid subscriber conversion rate compared to 15% for Asylum Stresser and 23% for VDO, which both accepted PayPal. By analyzing attack traffic directed at our own servers we are able to characterize the set of amplifiers they use to direct large amounts of traffic at their victims. In order to measure the resilience of their payment infrastructure, we conduct a payment intervention in collaboration with PayPal. Our evaluation of the effectiveness of this approach suggests that it is a promising method for reducing the subscriber base of booters.

    In this paper, we further our understanding of the booter ecosystem through our measurements. Based on this we identify potential improvements to ongoing efforts to disrupt their attack infrastructure and an alternative and possibly more effective method of undermining these services by targeting their payment infrastructure. Overall, we find a few places where costs might be marginally increased by more precisely mapping out and targeting parts of their attack infrastructure. We document how a large-scale payment intervention by PayPal impacts booters, including service closures. Finally, we detail some of their strategies for evading detection by PayPal and discuss how these increase the effort and costs associated with performing an ongoing payment intervention.

    ¹ We assign each booter service a unique three letter code based on their domain name to avoid unintentionally advertising their services. The two exceptions are Asylum Stresser, which ceased operation before our study and Lizard Stresser, which has already been highly publicized.
  • 28. Black Hat USA 2013 - Spy-Jacking the Booters we want! but …
  • 38. 284 Booter domain names 111 online Booters github.com/jjsantanna/Booter-black-List
  • 39. Passive DNS data *Roland
      1434735481, Q(Q), c861aaa8307395e94c0bc1d88e9846ff168071252198640801b108219b3899be, IN, A, quezstresser.com.
      1434735481, Q(R), c861aaa8307395e94c0bc1d88e9846ff168071252198640801b108219b3899be, IN, A, quezstresser.com., NOERROR
      1434735481, R(ANS), c861aaa8307395e94c0bc1d88e9846ff168071252198640801b108219b3899be, IN, A, 185.62.190.40
      1434832019, Q(Q), c861aaa8307395e94c0bc1d88e9846ff168071252198640801b108219b3899be, IN, A, stagestresser.com.
      1434832019, Q(R), c861aaa8307395e94c0bc1d88e9846ff168071252198640801b108219b3899be, IN, A, stagestresser.com., NOERROR
      1434832019, R(ANS), c861aaa8307395e94c0bc1d88e9846ff168071252198640801b108219b3899be, IN, A, 141.101.118.99
      1434832019, R(ANS), c861aaa8307395e94c0bc1d88e9846ff168071252198640801b108219b3899be, IN, A, 141.101.118.98
  • 45. Product Design to Online Business jairsantanna.com Jair Santanna 16/03/2016
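
The passive DNS records on slide 39 can be reduced to a "first seen" timestamp and a set of resolved addresses per Booter domain, which is the kind of data behind the "First Passive DNS" series on slide 22. The parser below is an added example, not code from the talk or the papers; the field meanings (epoch timestamp, section, identifier, class, type, value, optional response code) and the pairing of answers with queries by timestamp and identifier are assumptions inferred from the sample, and the identifier is replaced by a constructed placeholder.

```python
import ipaddress

# Constructed stand-in for the 64-hex identifier field shown on the slide;
# the page does not say what that field represents.
ID = "ID-PLACEHOLDER"

# Sample rebuilt in the slide's layout (domains, addresses and timestamps
# are the ones shown on slide 39).
SAMPLE = """\
1434735481, Q(Q), {i}, IN, A, quezstresser.com.
1434735481, Q(R), {i}, IN, A, quezstresser.com., NOERROR
1434735481, R(ANS), {i}, IN, A, 185.62.190.40
1434832019, Q(Q), {i}, IN, A, stagestresser.com.
1434832019, Q(R), {i}, IN, A, stagestresser.com., NOERROR
1434832019, R(ANS), {i}, IN, A, 141.101.118.99
1434832019, R(ANS), {i}, IN, A, 141.101.118.98
""".format(i=ID)

SECTIONS = ("Q(Q)", "Q(R)", "R(ANS)")


def parse_record(line):
    """Split one record into named fields; return None if it is malformed."""
    parts = [p.strip() for p in line.split(",")]
    if len(parts) not in (6, 7) or not parts[0].isdigit():
        return None
    ts, section, ident, rclass, rtype, value = parts[:6]
    if section not in SECTIONS:
        return None
    return {"ts": int(ts), "section": section, "id": ident,
            "class": rclass, "type": rtype, "value": value,
            "rcode": parts[6] if len(parts) == 7 else None}


def summarize(text):
    """Return ({domain: {"first_seen": epoch, "ips": set}}, skipped_count)."""
    domains, pending, skipped = {}, {}, 0
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = parse_record(line)
        if rec is None:
            skipped += 1
            continue
        # Assumption: an answer belongs to the latest query that shares its
        # timestamp and identifier. Interleaved queries would be ambiguous.
        key = (rec["ts"], rec["id"])
        if rec["section"] in ("Q(Q)", "Q(R)"):
            name = rec["value"].rstrip(".").lower()
            pending[key] = name
            entry = domains.setdefault(
                name, {"first_seen": rec["ts"], "ips": set()})
            entry["first_seen"] = min(entry["first_seen"], rec["ts"])
            continue
        name = pending.get(key)
        try:
            ip = str(ipaddress.ip_address(rec["value"]))
        except ValueError:
            ip = None  # non-address answer data is not handled here
        if name is None or ip is None:
            skipped += 1  # orphan answer or unparsable address
            continue
        domains[name]["ips"].add(ip)
    return domains, skipped


if __name__ == "__main__":
    result, skipped = summarize(SAMPLE)
    for name, info in sorted(result.items()):
        print(name, info["first_seen"], sorted(info["ips"]))
    print("skipped:", skipped)
```
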