The contents of this legacy page are no longer maintained nor supported, and are made available only for historical purposes.

Bibliography Details

D. Moore, G. Voelker, and S. Savage, "Inferring Internet Denial-of-Service Activity", in USENIX Security Symposium, Aug 2001.

Inferring Internet Denial-of-Service Activity
Authors: D. Moore
G. Voelker
S. Savage
Published: USENIX Security Symposium, 2001
Entry Date: 2003-01-30

In this paper, we seek to answer a simple question: "How prevalent are denial-of-service attacks in the Internet today?". Our motivation is to understand quantitatively the nature of the current threat a s well as to enable longer-term analyses of trends and recurring patterns of attacks. We present a new t echnique, called "backscatter analysis", that provides an estimate of worldwide denial-of-service activit y. We use this approach on three week-long datasets to assess the number, duration and focus of attacks, and to characterize their behavior. During this period, we observe more than 12,000 attacks against mor e than 5,000 distinct targets, ranging from well known e-commerce companies such as Amazon and Hotmail to small foreign ISPs and dial-up connections. We believe that our work is the only publically available d ata quantifying denial-of-service activity in the Internet.