Description: overall history of my ~4 years as a PhD researcher investigating the booter phenomenon (and beyond).
Location: SURFnet, the Netherlands
#Attendees: ~25
3. Understand the BOOTER phenomenon
in a systematic way
to identify their VULNERABILITIES and
collect EVIDENCE for mitigation and prosecution.
My Goal:
4. BOOTERs are the CAUSE of the increase in attacks.
My Motivation:
The booter ecosystem is weak and we can take advantage […]
+
6. Clients’ Point of View
Targets’ Point of View
Owners’ Point of View
Important Observation:
7. My Overall Approach:
Infiltrate the booter phenomenon
becoming an ACTUAL customer,
understand what/how services are offered,
and use booters as STRESS TESTERS
against an ACTUAL target.
8. Clients’ Point of View
Targets’ Point of View
Owners’ Point of View
My Approach:
9. Clients’ Point of View
if mitigated […]
the booter phenomenon
will eventually disappear.
Some Conclusions:
*but not DDoS attacks
10. Targets’ Point of View
[…] booter attacks are
NOT different from
generic attacks BUT they
are easy to label/
fingerprint.
Some Conclusions:
11. Owners’ Point of View
[…] there is NEITHER
legal NOR ethical
justification to OPERATE
or USE booters.
Some Conclusions:
12. Multidisciplinary
set of METHODOLOGIES
that collects EVIDENCE
against the BOOTER phenomenon.
All the methodologies can adapt to “a moving target”, e.g., booters.
Remember My Goal?!
Scientific Contribution:
Understand the BOOTER phenomenon
in a systematic way
to identify their VULNERABILITIES,
producing EVIDENCE for mitigation and prosecution.