Booter services provide Denial of Service (DoS) attacks as-a-service. They generate large amounts of traffic which overwhelm end users or web services, taking them offline or making legitimate access impossible. Booter operators advertise customer-facing websites where individuals can purchase attacks, generally targeting gaming related websites and their users.
Collier et al. statistically modeled and evaluated the effects of a range of police interventions on the booter services market. They used a dataset of victims of DoS amplification attacks, a technique widely used by booter services, covering a five-year period from 2014. They added a second dataset of selfreported DoS attack numbers collected from the booter websites themselves since November 2017. Combining the data with a timeline of police interventions reported by the press for the same time period, they established a statistical model to assess their impact on booter services.
Media coverage of the prosecution or sentencing of booter providers appeared to have no consistent effect on the number of attacks. Taking down individual booter services led to short-term drops in attacks, with no lasting effect. Taking down several services at once, to the contrary, caused several booters to leave the market permanently and suppressed user demand for services over a sustained period. The online advertising campaign of the United Kingdom National Crime Agency, warning Google users of the illegality of DoS attacks when they searched for booter-related terms, also appeared to be effective. As the number of attacks grew in other nations, numbers flattened in the UK for a period of eight months, starting with the campaign. This suggests that the rise in attacks comes from new users rather than extra activity by existing users, at least in the UK.
The booter community does not display the deterrent effect typical to offline illicit activities, where interventions affect the risk calculus of actors involved in crime. This study suggests that deterrence is explained by cultural factors in the booter community, which is particularly reliant on the widespread narrative that booting is not a serious crime. Advertising campaigns such as the National Crime Agency’s could thus be a key part of a strategy against booting. Arrests have a limited and short-lived effect on attack numbers. It is an open question as to whether they are essential to reinforce the impact of a takedown, aside from preventing a booter operator from starting again immediately. Wide-ranging website takedowns appear to have a structural effect on the market, concentrating booter services and making them potentially more susceptible to further intervention.
Taking down several booter services at once and sensitization campaigns are more effective interventions against booter service operators.
Financé par : 
Hébergé par : 
© 2019 SERENE-RISC, Tous droits réservés. Conditions d'utilisation