Skip to content. | Skip to navigation

Personal tools

This is SunRain Plone Theme

Navigation

You are here: Home / Publications

Abstract

Giancarlo Pellegrino, Christian Rossow, Fabrice J. Ryba, Thomas C. Schmidt, Matthias Wählisch,
Cashing out the Great Cannon? On Browser-Based DDoS Attacks and Economics,
In: Proc. of 9th USENIX Security Workshop on Offensive Technologies (WOOT), p. 1–8, USENIX Assoc. : Berkeley, CA, USA, 2015.
[html][BibTeX][Abstract]

Abstract: The Great Cannon DDoS attack has shown that HTML/JavaScript can be used to launch HTTP-based DoS attacks. In this paper, we identify options that could allow the implementation of the general idea of browser-based DDoS botnets and review ways how attackers can acquire bots (e.g., typosquatting and malicious ads). We then assess the DoS impact of browser features and show that at least three JavaScript-based techniques can orchestrate clients to send thousands of HTTP requests per second. Seeing the vats potential, we evaluate the economics of browser-based botnets and show that their cost are about as high as traditional DDoS botnets–while giving far less flexibility in terms of attack features and control over the bots. Finally, we discuss victim- and browser-side countermeasures.

Themes: Network Security, Internet Measurement and Analysis

 


This page generated by bibTOhtml on Sun 19 May 00:05:09 CEST 2019

Document Actions

« May 2019 »
May
MoTuWeThFrSaSu
12345
6789101112
13141516171819
20212223242526
2728293031
Upcoming Events
IFIP Networking Conference May 20, 2019 - May 22, 2019 — Warsaw, Poland
RIOT Hack'n'ACK (2019/05) May 28, 2019 05:00 PM - 11:00 PM — HAW Hamburg, BT7, R4.60
RIOT Hack'n'ACK (2019/06) Jun 25, 2019 05:00 PM - 11:00 PM — HAW Hamburg, BT7, R4.60
Upcoming events…