Assessing the Capacity of DRDoS-For-Hire Services in Cybercrime Markets

Hyslip, Thomas S.; Holt, Thomas J.

doi:10.1080/01639625.2019.1616489

Cited by 19 publications

(19 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Such attacks can be carried out in one of several ways: a single attacker machine can launch a DoS attack against a victim machine by transmitting a large number of network traffic packets that appear to be legitimate, to bypass security controls along the way; multiple attacker machines can participate in a distributed-style DoS attack, i.e., a Distributed Denial of Service (DDoS) attack, resulting in a similar outcome at the victim machine. DoS attacks are increasingly becoming more sophisticated and harder to detect, because of the ready availability of attacker tools, as well as the proliferation of the CyberCrime as a Service (CCaaS) market [22]. 2) Man-in-The-Middle (MiTM) attacks: These are legacy cyberattacks carried out through the process of interception of transmitted data on a communication line between two legitimate communicating parties.…”

Section: Cybersecurity Threats and Legacy Cybersecurity Solutionsmentioning

confidence: 99%

Harnessing Artificial Intelligence Capabilities to Improve Cybersecurity

et al. 2020

View full text Add to dashboard Cite

Cybersecurity is a fast-evolving discipline that is always in the news over the last decade, as the number of threats rises and cybercriminals constantly endeavor to stay a step ahead of law enforcement. Over the years, although the original motives for carrying out cyberattacks largely remain unchanged, cybercriminals have become increasingly sophisticated with their techniques. Traditional cybersecurity solutions are becoming inadequate at detecting and mitigating emerging cyberattacks. Advances in cryptographic and Artificial Intelligence (AI) techniques (in particular, machine learning and deep learning) show promise in enabling cybersecurity experts to counter the ever-evolving threat posed by adversaries. Here, we explore AI's potential in improving cybersecurity solutions, by identifying both its strengths and weaknesses. We also discuss future research opportunities associated with the development of AI techniques in the cybersecurity field across a range of application domains.

show abstract

Section: Cybersecurity Threats and Legacy Cybersecurity Solutionsmentioning

confidence: 99%

Harnessing Artificial Intelligence Capabilities to Improve Cybersecurity

et al. 2020

View full text Add to dashboard Cite

show abstract

“…The services were primarily used by gamers to "boot" their opponents offline and win a game (Hutchings and Clayton 2016). But as the services began to be used for DDoS attacks against websites and other Internet resources, the operators began to refer to the services as "stressers" and advertised the stressers as a way to "stress" test their own IT systems (Hyslip and Holt 2019).…”

Section: Stressers and Bootersmentioning

confidence: 99%

“…In addition to reflecting the DRDoS attack, the attacks are also amplified when reflected off the vulnerable servers (Rossow and Gortz 2014). DRDoS attacks are able to execute large-scale DDoS attacks with very few resources while masking the source of the attack (Hyslip and Holt 2019). Recent attacks show stressers are able to launch DRDoS attacks in excess of 600 gigabits per second (Whitaker 2016).…”

Section: Stressers and Bootersmentioning

confidence: 99%

“…This makes the shops profitable for the CaaS operators but requires bulletproof hosting and domain registration by a third-party reseller. Interestingly, many shops also use anti-DDoS services such as Cloudflare to mask their hosting IP address and provide protection from DDoS attacks by competitors (Hyslip and Holt 2019). Figure 18 shows a carding shop that sells stolen credit cards via a website.…”

Section: Hacker Shopsmentioning

confidence: 99%

See 1 more Smart Citation

Cybercrime-as-a-Service Operations

Hyslip¹

2020

The Palgrave Handbook of International Cybercrime and Cyberdeviance

Self Cite

View full text Add to dashboard Cite

This chapter explores the cybercrime-as-a-service operations that have changed the cybercrime marketplace from a direct sales model to a managed service model. As cybercrime evolved, so did the motivation and skill of the hackers. What began as a highly skilled activity undertaken by individuals driven by curiosity and research grew to a horde of lightly trained yet motivated young people looking for notoriety and/or a quick profit as tools became easier to use and more readily available. As the ability to profit from cybercrime grew exponentially, hackers began to sell their services, and eventually it was more profitable and less risky to sell a packaged cybercrime as a service than commit the crime. The cybercrime-as-a-service operations now involve many types of cybercrime including botnets, distributed denial of service attacks (DDoS), credit card fraud, malware, spam, and phishing attacks. The services are sold through hacker forums, direct web sales, and on the dark web using cryptocurrency. The world's law enforcement agencies have recognized the threat of cybercrime-as-a-service operations, and there have been recent high-profile arrests of the operators and takedowns of the cybercrime-as-a-service operations.

show abstract

“…These services allow individuals to execute high-volume distributed denial of service attacks (DDoS) that render websites, gaming servers, and other online services unusable to others (Hutchings & Clayton, 2016;Hyslip & Holt, 2019;Santanna et al, 2015). Similar to how an unexpected traffic jam prevents regular traffic from arriving at its destination, a DDoS attack generally involves disrupting the normal traffic of a targeted server or network by overwhelming its flow of Internet traffic with more requests than can be fulfilled in millisecond intervals, rendering the platform inoperative to all parties until the traffic ceases (see Hutchings & Clayton, 2016;Hyslip & Holt, 2019).…”

Section: Introductionmentioning

confidence: 99%

Exploring Risk Avoidance Practices Among On-Demand Cybercrime-as-Service Operations

Holt

Lee

Smirnova

2022

Crime & Delinquency

Self Cite

View full text Add to dashboard Cite

Criminologists have recently explored online cybercrime-as-service markets where offenders offer hacking tools and services for a fee. So-called “stresser” or “booter” markets offering distributed reflective denial of service (DRDoS) attacks have been a recent target of international law enforcement action. Few have explored the ways in which these operations continued to function under increased enforcement and sanction. This study attempted to address this gap through a qualitative analysis of online advertisements from 44 booter and stresser operators. The findings revealed operators changed their preferred communications and payment platforms, as well as increased the attack methods available to customers. The implications of this analysis for our understanding of illicit online markets, and the decision-making processes of cybercriminals are discussed in detail.

show abstract

Assessing the Capacity of DRDoS-For-Hire Services in Cybercrime Markets

Cited by 19 publications

References 20 publications

Harnessing Artificial Intelligence Capabilities to Improve Cybersecurity

Harnessing Artificial Intelligence Capabilities to Improve Cybersecurity

Cybercrime-as-a-Service Operations

Exploring Risk Avoidance Practices Among On-Demand Cybercrime-as-Service Operations

Contact Info

Product

Resources

About