Top

Published in:

2019 | OriginalPaper | Chapter

Booter Blacklist Generation Based on Content Characteristics

Authors : Wang Zhang, Xu Bai, Chanjuan Chen, Zhaolin Chen

Published in: Collaborative Computing: Networking, Applications and Worksharing

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Distributed Denial of Service (DDoS) attacks-as-a-service, known as Booter or Stresser, is convenient and low-priced for ordinary people to launch DDoS attacks. It makes DDoS attacks even more rampant. However, until now there is not much research on Booter and little acquaintance with their backend infrastructure, customers, business, etc. In this paper, we present a new method which focuses on the content (text) characteristics on Booters websites and selects more discriminative features between Booter and non-Booter to identify Booters more effectively in the Internet. The experimental results show that the classification accuracy of distinguishing Booter and non-Booter websites is 98.74%. In addition, our method is compared with several representative methods and the results show that the proposed method outperforms the classical methods in 66% of the classification cases on three datasets: Booter websites, 20-Newsgroups and WebKB.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Target Gene Mining Algorithm Based on gSpan

next chapter A 2D Transform Based Distance Function for Time Series Classification

The 4 universities data set (1998). http://www.cs.cmu.edu/afs/cs.cmu.edu/project/theo-20/www/data/. Accessed 4 June 2018

Home page for 20 newsgroups data set (2008). http://www.qwone.com/~jason/20Newsgroups/. Accessed 4 June 2018

Akamai: Third quarter 2016 state of the internet/security report (2016). https://www.akamai.com/us/en/about/news/press/2016-press/akamai-releases-third-quarter-2016-state-of-the-internet-security-report.jsp. Accessed 4 July 2018

Goodin, D.: US service provider survives the biggest recorded DDoS in history (2018). https://arstechnica.com/information-technology/2018/03/us-service-provider-survives-the-biggest-recorded-ddos-in-history/. Accessed 4 July 2018

Karami, M., Park, Y., McCoy, D.: Stress testing the booters: understanding and undermining the business of DDoS services. In: Proceedings of the 25th International Conference on World Wide Web, pp. 1033–1043. International World Wide Web Conferences Steering Committee (2016)

Krämer, L., et al.: AmpPot: monitoring and defending against amplification DDoS attacks. In: Bos, H., Monrose, F., Blanc, G. (eds.) RAID 2015. LNCS, vol. 9404, pp. 615–636. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-26362-5_28CrossRef

Krupp, J., Backes, M., Rossow, C.: Identifying the scan and attack infrastructures behind amplification DDoS attacks. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 1426–1437. ACM (2016)

Krupp, J., Karami, M., Rossow, C., McCoy, D., Backes, M.: Linking amplification DDoS attacks to booter services. In: Dacier, M., Bailey, M., Polychronakis, M., Antonakakis, M. (eds.) RAID 2017. LNCS, vol. 10453, pp. 427–449. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66332-6_19CrossRef

Noroozian, A., Korczyński, M., Gañan, C.H., Makita, D., Yoshioka, K., van Eeten, M.: Who gets the boot? Analyzing victimization by DDoS-as-a-Service. In: Monrose, F., Dacier, M., Blanc, G., Garcia-Alfaro, J. (eds.) RAID 2016. LNCS, vol. 9854, pp. 368–389. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-45719-2_17CrossRef

10.

Prince, M.: Technical details behind a 400 Gbps NTP amplification DDoS attack (2014). https://blog.cloudflare.com/technical-details-behind-a-400gbps-ntp-amplification-ddos-attack/. Accessed 4 July 2018

11.

Quinlan, J.R.: Induction of decision trees. Mach. Learn. 1(1), 81–106 (1986)

12.

Santanna, J.J.: DDoS-as-a-Service: investigating booter websites. Ph.D. thesis. University of Twente, Enschede, The Netherlands (2017). https://doi.org/10.3990/1.9789036544290

13.

Santanna, J.J.: Booters (black)list and ecosystem analysis (2018). https://jjsantanna.github.io/booters_ecosystem_analysis/. Accessed 4 July 2018

14.

Santanna, J.J., et al.: Booters—an analysis of DDoS-as-a-Service attacks. In: 2015 IFIP/IEEE International Symposium on Integrated Network Management, IM, pp. 243–251. IEEE (2015)

15.

Santanna, J.J., de Vries, J., de O. Schmidt, R., Tuncer, D., Granville, L.Z., Pras, A.: Booter list generation: the basis for investigating DDoS-for-hire websites. Int. J. Netw. Manag. 28(1), e2008 (2018)CrossRef

16.

Shang, W., Huang, H., Zhu, H., Lin, Y., Qu, Y., Wang, Z.: A novel feature selection algorithm for text categorization. Expert Syst. Appl. 33(1), 1–5 (2007)CrossRef

17.

Yan, J., et al.: OCFS: optimal orthogonal centroid feature selection for text categorization. In: Proceedings of the 28th Annual International ACM SIGIR Conference on Research and Development in Information Retrieval, pp. 122–129. ACM (2005)

18.

Yang, J., Qu, Z., Liu, Z.: Improved feature-selection method considering the imbalance problem in text categorization. Sci. World J. 2014(3) (2014)

19.

Yang, Y., Pedersen, J.O.: A comparative study on feature selection in text categorization. In: ICML, vol. 97, pp. 412–420 (1997)

Title: Booter Blacklist Generation Based on Content Characteristics
Authors: Wang Zhang
Xu Bai
Chanjuan Chen
Zhaolin Chen
Publisher: Springer International Publishing
Book: Collaborative Computing: Networking, Applications and Worksharing
Print ISBN: 978-3-030-12980-4

Electronic ISBN: 978-3-030-12981-1

Copyright Year: 2019
DOI: https://doi.org/10.1007/978-3-030-12981-1_37

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"