DDoS & Booters Jair Santanna [email protected] jairsantanna.com 02/12/2016 [at DDoS Defense Workshop]

DDoS attacks and Booters -- *my thesis summary

Do I need to say what a booter is?

Understand the BOOTER phenomenon in a systematic way to identify their VULNERABILITIES and collect EVIDENCE for mitigation and prosecution.

My Goal:

BOOTERs are the CAUSE of the increase of attacks.

My Motivation:

The booters' ecosystem is weak and we can take advantage […]

+

Booters' Ecosystem

Clients’ Point of View Targets’ Point of View

Owners’ Point of View

Important Observation:

My Overall Approach:

Infiltrate the booter phenomenon by becoming an ACTUAL customer, understand what/how services are offered, and use booters as STRESS TESTERS against an ACTUAL target.

Clients’ Point of View Targets’ Point of View

Owners’ Point of View

My Approach:

Clients’ Point of View

if mitigated […] the booter phenomenon will eventually disappear.

Some Conclusions:

*but not DDoS attacks

Targets’ Point of View

[…] booter attacks are NOT different from generic attacks BUT they are easy to label/fingerprint.

Some Conclusions:

Owners’ Point of View

[…] there is NEITHER legal NOR ethical justification to OPERATE or USE booters.

Some Conclusions:

Multidisciplinary set of METHODOLOGIES that collects EVIDENCE against the BOOTER phenomenon.

All the methodologies can adapt to "a moving target", e.g., booters.

Remember My Goal?!

Scientific Contribution:

Understand the BOOTER phenomenon in a systematic way to identify their VULNERABILITIES, producing EVIDENCE for mitigation and prosecution.

Done.

Papers: http://jairsantanna.com/

Three s

http://booterblacklist.com

95,5% 98,7%