short-paper

Measuring the Adoption of DDoS Protection Services

Authors:

Mattijs Jonker,

Anna Sperotto,

Roland van Rijswijk-Deij,

Ramin Sadre,

Aiko PrasAuthors Info & Claims

IMC '16: Proceedings of the 2016 Internet Measurement Conference

Pages 279 - 285

https://doi.org/10.1145/2987443.2987487

Published: 14 November 2016 Publication History

Get Access

Abstract

Distributed Denial-of-Service (DDoS) attacks have steadily gained in popularity over the last decade, their intensity ranging from mere nuisance to severe. The increased number of attacks, combined with the loss of revenue for the targets, has given rise to a market for DDoS Protection Service (DPS) providers, to whom victims can outsource the cleansing of their traffic by using traffic diversion.

In this paper, we investigate the adoption of cloud-based DPSs worldwide. We focus on nine leading providers. Our outlook on adoption is made on the basis of active DNS measurements. We introduce a methodology that allows us, for a given domain name, to determine if traffic diversion to a DPS is in effect. It also allows us to distinguish various methods of traffic diversion and protection. For our analysis we use a long-term, large-scale data set that covers well over 50\% of all names in the global domain namespace, in daily snapshots, over a period of 1.5 years.

Our results show that DPS adoption has grown by 1.24x in our measurement period, a prominent trend compared to the overall expansion of the namespace. Our study also reveals that adoption is often lead by big players such as large Web hosters, which activate or deactivate DDoS protection for millions of domain names at once.

References

[1]

Steve Mansfield-Devine. The evolution of DDoS. Computer Fraud, Security, 2014(10):15--20, 2014.

Google Scholar

[2]

Matthew Prince. The DDoS That Knocked Spamhaus Offline (And How We Mitigated It). https://blog.cloudflare.com/the-ddos-that-knocked-spamhaus-offline-and-ho/. Accessed: 2016-04--28.

Google Scholar

[3]

Swati Khandelwal. 602 Gbps! This May Have Been the Largest DDoS Attack in History. https://thehackernews.com/2016/01/biggest-ddos-attack.html. Accessed: 2016-05--12.

Google Scholar

[4]

Mohammad Karami and Damon McCoy. Understanding the Emerging Threat of DDoS-As-a-Service. Presented as part of the 6th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET'13), 2013.

Google Scholar

[5]

José Jair Santanna, Roland van Rijswijk-Deij, Rick Hofstede, Anna Sperotto, Mark Wierbosch, Lisandro Zambenedetti Granville, and Aiko Pras. Booters -- An Analysis of DDoS-as-a-Service Attacks. In Proceedings of the 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM'2015), pages 243--251, 2015.

Crossref

Google Scholar

[6]

Global DDoS Threat Landscape Q1 2016. https://www.incapsula.com/ddos-report/ddos-report-q1--2016.html. Accessed: 2016-04--28.

Google Scholar

[7]

John Pescatore. DDoS Attacks Advancing and Enduring: A SANS Survey.notype, SANS, 2014.

Google Scholar

[8]

Cheng Huang, Angela Wang, Jin Li, and Keith W. Ross. Measuring and Evaluating Large-Scale CDNs. In Microsoft Research Technical Report MSR-TR-2008--106, October 2008. (full paper withdrawn from the 8th ACM SIGCOMM Conference on Internet Measurement (IMC'08)).

Crossref

Google Scholar

[9]

Erik Nygren, Ramesh K. Sitaraman, and Jennifer Sun. The akamai network: A platform for high-performance internet applications. SIGOPS Oper. Syst. Rev., 44(3):2--19, August 2010.

Digital Library

Google Scholar

[10]

The Domain Name Industry Brief. https://www.verisign.com/en_US/innovation/dnib/index.xhtml. Accessed: 2016-08-01.

Google Scholar

[11]

Thomas Vissers, Tom van Goethem, Wouter Joosen, and Nick Nikiforakis. Maneuvering Around Clouds: Bypassing Cloud-based Security Providers. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pages 1530--1541, 2015.

Digital Library

Google Scholar

[12]

Roland van Rijswijk-Deij, Mattijs Jonker, Anna Sperotto, and Aiko Pras. A High-Performance, Scalable Infrastructure for Large-Scale Active DNS Measurements. IEEE Journal on Selected Areas in Communications (JSAC), 34(6):1877--1888, 2016.

Crossref

Google Scholar

[13]

Rick Holland and Ed Ferrara. The Forrester Wave#8482;: DDoS Services Providers (Q3 2015).notype, Forrester Research, Inc., July 2015.

Google Scholar

Cited By

View all

Hiesgen RNawrocki MBarcellos MKopp DHohlfeld OChan EDobbins RDoerr CRossow CThomas DJonker MMok RLuo XKristoff JSchmidt TWählisch Mclaffy kVallina-Rodríguez NSuarez-Tángil GLevin DPelsser C(2024)The Age of DDoScovery: An Empirical Comparison of Industry and Academic DDoS AssessmentsProceedings of the 2024 ACM on Internet Measurement Conference10.1145/3646547.3688451(259-279)Online publication date: 4-Nov-2024
https://dl.acm.org/doi/10.1145/3646547.3688451
Lee HKang TYang SJun JKwon T(2024)DDD: A DNS-based DDoS Defense Scheme Using Puzzles2024 33rd International Conference on Computer Communications and Networks (ICCCN)10.1109/ICCCN61486.2024.10637603(1-9)Online publication date: 29-Jul-2024
https://doi.org/10.1109/ICCCN61486.2024.10637603
Tandon RWang HWeideman NArakelyan SBartlett GHauser CMirkovic J(2023)Leader: Defense Against Exploit-Based Denial-of-Service Attacks on Web ApplicationsProceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses10.1145/3607199.3607238(744-758)Online publication date: 16-Oct-2023
https://dl.acm.org/doi/10.1145/3607199.3607238
Show More Cited By

Index Terms

Measuring the Adoption of DDoS Protection Services
1. Security and privacy

Recommendations

Countering DDoS and XDoS Attacks against Web Services
EUC '08: Proceedings of the 2008 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing - Volume 01

Cyber-criminals use distributed denial-of-service attacks (DDoS) and XML denial-of-service attacks (XDoS) to extort money from online service providers. This kind of attacks is normally targeted at a particular service provider to exhaust the network ...
DDoS Attacks: Evolution, Detection, Prevention, Reaction, and Tolerance
SENSS Against Volumetric DDoS Attacks
ACSAC '18: Proceedings of the 34th Annual Computer Security Applications Conference

Volumetric distributed denial-of-service (DDoS) attacks can bring any network to a halt. Because of their distributed nature and high volume, the victim often cannot handle these attacks alone and needs help from upstream ISPs. Today's Internet has no ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

IMC '16: Proceedings of the 2016 Internet Measurement Conference

November 2016

570 pages

ISBN:9781450345262

DOI:10.1145/2987443

General Chairs:
Phillipa Gill
University of Massachusetts--Amherst
,
John Heidemann
USC/ISI
,
Program Chairs:
John W. Byers
Boston University
,
Ramesh Govindan
USC

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 November 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper

Funding Sources

Nederlandse Organisatie voor Wetenschappelijk Onderzoek

Conference

IMC 2016

Sponsor:

SIGMETRICS
SIGCOMM
USENIX Assoc

IMC 2016: Internet Measurement Conference

November 14 - 16, 2016

California, Santa Monica, USA

Acceptance Rates

IMC '16 Paper Acceptance Rate 48 of 184 submissions, 26%;

Overall Acceptance Rate 277 of 1,083 submissions, 26%

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

39
Total Citations
View Citations
1,066
Total Downloads

Downloads (Last 12 months)113
Downloads (Last 6 weeks)21

Reflects downloads up to 16 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Hiesgen RNawrocki MBarcellos MKopp DHohlfeld OChan EDobbins RDoerr CRossow CThomas DJonker MMok RLuo XKristoff JSchmidt TWählisch Mclaffy kVallina-Rodríguez NSuarez-Tángil GLevin DPelsser C(2024)The Age of DDoScovery: An Empirical Comparison of Industry and Academic DDoS AssessmentsProceedings of the 2024 ACM on Internet Measurement Conference10.1145/3646547.3688451(259-279)Online publication date: 4-Nov-2024
https://dl.acm.org/doi/10.1145/3646547.3688451
Lee HKang TYang SJun JKwon T(2024)DDD: A DNS-based DDoS Defense Scheme Using Puzzles2024 33rd International Conference on Computer Communications and Networks (ICCCN)10.1109/ICCCN61486.2024.10637603(1-9)Online publication date: 29-Jul-2024
https://doi.org/10.1109/ICCCN61486.2024.10637603
Tandon RWang HWeideman NArakelyan SBartlett GHauser CMirkovic J(2023)Leader: Defense Against Exploit-Based Denial-of-Service Attacks on Web ApplicationsProceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses10.1145/3607199.3607238(744-758)Online publication date: 16-Oct-2023
https://dl.acm.org/doi/10.1145/3607199.3607238
Farasat TRathore MKhan AKim JPosegga J(2023)Machine Learning-based BGP Traffic Prediction2023 IEEE 22nd International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)10.1109/TrustCom60117.2023.00262(1925-1934)Online publication date: 1-Nov-2023
https://doi.org/10.1109/TrustCom60117.2023.00262
Chen XLiu HZhang DHuang QZhou HWu CYang Q(2023)Empowering DDoS Attack Mitigation with Programmable SwitchesIEEE Network10.1109/MNET.107.210064337:3(112-117)Online publication date: May-2023
https://doi.org/10.1109/MNET.107.2100643
Nawrocki MKristoff JHiesgen RKanich CSchmidt TWählisch M(2023)SoK: A Data-driven View on Methods to Detect Reflective Amplification DDoS Attacks Using Honeypots2023 IEEE 8th European Symposium on Security and Privacy (EuroS&P)10.1109/EuroSP57164.2023.00041(576-591)Online publication date: Jul-2023
https://doi.org/10.1109/EuroSP57164.2023.00041
Arbabi MLal CVeeraragavan NMarijan DNygard JVitenberg R(2023)A Survey on Blockchain for Healthcare: Challenges, Benefits, and Future DirectionsIEEE Communications Surveys & Tutorials10.1109/COMST.2022.322464425:1(386-424)Online publication date: Sep-2024
https://doi.org/10.1109/COMST.2022.3224644
Ibrahim RAbu Al-Haija QAhmad A(2022)DDoS Attack Prevention for Internet of Thing Devices Using Ethereum Blockchain TechnologySensors10.3390/s2218680622:18(6806)Online publication date: 8-Sep-2022
https://doi.org/10.3390/s22186806
Xu ZRamanathan SRush AMirkovic JYu MBianchi GMei A(2022)XatuProceedings of the 18th International Conference on emerging Networking EXperiments and Technologies10.1145/3555050.3569121(1-17)Online publication date: 30-Nov-2022
https://dl.acm.org/doi/10.1145/3555050.3569121
Sommese RClaffy Kvan Rijswijk-Deij RChattopadhyay ADainotti ASperotto AJonker MBarakat CPelsser CBenson TChoffnes D(2022)Investigating the impact of DDoS attacks on DNS infrastructureProceedings of the 22nd ACM Internet Measurement Conference10.1145/3517745.3561458(51-64)Online publication date: 25-Oct-2022
https://dl.acm.org/doi/10.1145/3517745.3561458
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Countering DDoS and XDoS Attacks against Web Services

DDoS Attacks: Evolution, Detection, Prevention, Reaction, and Tolerance

SENSS Against Volumetric DDoS Attacks