A Case Study in Opportunity Reduction: Mitigating the Dirt Jumper Drive -smart attack

No ratings

Presented at JISIC 2014 by

Joel Lathrop

James O'kane

Over the past few years, a particularly virulent strain of distributed denial-of-service (DDoS) malware known as Dirt Jumper has emerged. It has progressed through several iterations and has recently developed capabilities to circumvent measures employed by certain anti-DDoS hosting providers; this new capability was exposed as a new attack type named smart. The primary contribution of this paper is to show how the mechanism of the smart attack can itself be exploited to prevent an attacking Dirt Jumper bot from reaching its desired target application webserver as well as tarpitting the botnet,reducing its request rate more than a hundred fold. This opportunity-reduction technique is briefly examined within the crime science framework of situational crime prevention.