{"id":"https://openalex.org/W2292781412","doi":"https://doi.org/10.1109/malware.2015.7413679","title":"Using inherent command and control vulnerabilities to halt DDoS attacks","display_name":"Using inherent command and control vulnerabilities to halt DDoS attacks","publication_year":2015,"publication_date":"2015-10-01","ids":{"openalex":"https://openalex.org/W2292781412","doi":"https://doi.org/10.1109/malware.2015.7413679","mag":"2292781412"},"language":"en","primary_location":{"id":"doi:10.1109/malware.2015.7413679","is_oa":false,"landing_page_url":"https://doi.org/10.1109/malware.2015.7413679","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2015 10th International Conference on Malicious and Unwanted Software (MALWARE)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5035321347","display_name":"Lanier Watkins","orcid":"https://orcid.org/0000-0002-3322-1833"},"institutions":[{"id":"https://openalex.org/I145311948","display_name":"Johns Hopkins University","ror":"https://ror.org/00za53h95","country_code":"US","type":"education","lineage":["https://openalex.org/I145311948"]},{"id":"https://openalex.org/I4210114877","display_name":"Johns Hopkins Center for Health Security","ror":"https://ror.org/01fhm1y42","country_code":"US","type":"education","lineage":["https://openalex.org/I4210114877"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Lanier Watkins","raw_affiliation_strings":["Information Security Institute, Johns Hopkins University Baltimore, MD, USA"],"affiliations":[{"raw_affiliation_string":"Information Security Institute, Johns Hopkins University Baltimore, MD, USA","institution_ids":["https://openalex.org/I4210114877","https://openalex.org/I145311948"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5071118115","display_name":"Kurt Silberberg","orcid":null},"institutions":[{"id":"https://openalex.org/I4210114877","display_name":"Johns Hopkins Center for Health Security","ror":"https://ror.org/01fhm1y42","country_code":"US","type":"education","lineage":["https://openalex.org/I4210114877"]},{"id":"https://openalex.org/I145311948","display_name":"Johns Hopkins University","ror":"https://ror.org/00za53h95","country_code":"US","type":"education","lineage":["https://openalex.org/I145311948"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kurt Silberberg","raw_affiliation_strings":["Information Security Institute, Johns Hopkins University Baltimore, MD, USA"],"affiliations":[{"raw_affiliation_string":"Information Security Institute, Johns Hopkins University Baltimore, MD, USA","institution_ids":["https://openalex.org/I4210114877","https://openalex.org/I145311948"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5048340882","display_name":"Jose Andre Morales","orcid":"https://orcid.org/0000-0001-7177-8192"},"institutions":[{"id":"https://openalex.org/I114772536","display_name":"Software Engineering Institute","ror":"https://ror.org/01xqjjn94","country_code":"US","type":"facility","lineage":["https://openalex.org/I114772536","https://openalex.org/I74973139"]},{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jose Andre Morales","raw_affiliation_strings":["Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA, USA"],"affiliations":[{"raw_affiliation_string":"Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA, USA","institution_ids":["https://openalex.org/I114772536","https://openalex.org/I74973139"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5106128999","display_name":"William H. Robinson","orcid":"https://orcid.org/0000-0001-9291-689X"},"institutions":[{"id":"https://openalex.org/I200719446","display_name":"Vanderbilt University","ror":"https://ror.org/02vm5rt34","country_code":"US","type":"education","lineage":["https://openalex.org/I200719446"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"William H. Robinson","raw_affiliation_strings":["Research Group, Vanderbilt University, Nashville, TN, USA"],"affiliations":[{"raw_affiliation_string":"Research Group, Vanderbilt University, Nashville, TN, USA","institution_ids":["https://openalex.org/I200719446"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5035321347"],"corresponding_institution_ids":["https://openalex.org/I145311948","https://openalex.org/I4210114877"],"apc_list":null,"apc_paid":null,"fwci":0.338,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.68338042,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"3","last_page":"10"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.695763349533081},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6848336458206177},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.6182020902633667},{"id":"https://openalex.org/keywords/trinoo","display_name":"Trinoo","score":0.5362514853477478},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.5301127433776855},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.4797419309616089},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.4679996371269226},{"id":"https://openalex.org/keywords/dirt","display_name":"Dirt","score":0.4538884460926056},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.4221463203430176},{"id":"https://openalex.org/keywords/offensive","display_name":"Offensive","score":0.41411077976226807},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.4089469313621521},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.21134385466575623},{"id":"https://openalex.org/keywords/application-layer-ddos-attack","display_name":"Application layer DDoS attack","score":0.2037431001663208},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.1376032531261444},{"id":"https://openalex.org/keywords/operations-research","display_name":"Operations research","score":0.10693204402923584}],"concepts":[{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.695763349533081},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6848336458206177},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.6182020902633667},{"id":"https://openalex.org/C43639116","wikidata":"https://www.wikidata.org/wiki/Q7843050","display_name":"Trinoo","level":5,"score":0.5362514853477478},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.5301127433776855},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.4797419309616089},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.4679996371269226},{"id":"https://openalex.org/C2778582501","wikidata":"https://www.wikidata.org/wiki/Q555882","display_name":"Dirt","level":2,"score":0.4538884460926056},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.4221463203430176},{"id":"https://openalex.org/C176856949","wikidata":"https://www.wikidata.org/wiki/Q2001676","display_name":"Offensive","level":2,"score":0.41411077976226807},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.4089469313621521},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.21134385466575623},{"id":"https://openalex.org/C120865594","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Application layer DDoS attack","level":4,"score":0.2037431001663208},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.1376032531261444},{"id":"https://openalex.org/C42475967","wikidata":"https://www.wikidata.org/wiki/Q194292","display_name":"Operations research","level":1,"score":0.10693204402923584},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/malware.2015.7413679","is_oa":false,"landing_page_url":"https://doi.org/10.1109/malware.2015.7413679","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2015 10th International Conference on Malicious and Unwanted Software (MALWARE)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.550000011920929,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":7,"referenced_works":["https://openalex.org/W1432036814","https://openalex.org/W1530266714","https://openalex.org/W2091614396","https://openalex.org/W2162969618","https://openalex.org/W2204500561","https://openalex.org/W2546296060","https://openalex.org/W6631578680"],"related_works":["https://openalex.org/W2783466926","https://openalex.org/W2038807247","https://openalex.org/W1968168724","https://openalex.org/W4286539397","https://openalex.org/W1754340081","https://openalex.org/W2095378509","https://openalex.org/W4281754402","https://openalex.org/W2097156747","https://openalex.org/W4230824443","https://openalex.org/W2559738661"],"abstract_inverted_index":{"Dirt":[0,18,58,205],"Jumper":[1,19,59,206],"is":[2,64,272],"a":[3,96,103,263,273],"powerful":[4],"distributed":[5],"denial":[6],"of":[7,11,62,84,86,115,137,198,208,214,222,225],"service":[8],"(DDoS)":[9],"family":[10,73,207],"toolkits":[12],"(e.g.,":[13],"includes":[14],"Drive":[15],"version":[16,20],"x,":[17,21],"and":[22,40,76,125,171,219,231,252,268],"Pandora)":[23],"sold":[24],"in":[25,94,248],"online":[26],"black":[27],"markets.":[28],"The":[29,57,79,131],"buyers":[30],"are":[31,127,184],"typically":[32],"individuals":[33],"who":[34],"seek":[35],"to":[36,43,50,140,163,175,188,240],"infect":[37],"computers":[38],"globally":[39],"incite":[41],"them":[42],"collectively":[44],"emit":[45],"crippling":[46],"unsolicited":[47],"network":[48],"traffic":[49],"unsuspecting":[51],"targets,":[52],"often":[53],"for":[54,266],"criminal":[55],"purposes.":[56],"Family":[60],"(DJF)":[61],"botnets":[63],"not":[65,128],"new;":[66],"however,":[67],"new":[68],"variants":[69],"have":[70,152,161],"made":[71],"the":[72,135,165,169,172,199,204,215,223,249,259],"more":[74,77],"destructive":[75],"relevant.":[78],"DJF":[80],"has":[81],"caused":[82],"millions":[83],"dollars":[85],"damage":[87],"across":[88],"several":[89],"different":[90],"business":[91],"sectors.":[92],"Notably":[93],"2014,":[95],"European":[97],"media":[98],"company":[99],"was":[100],"attacked":[101],"with":[102,111,178],"10-hour,":[104],"200":[105],"gigabit":[106],"per":[107],"second":[108],"DDoS":[109,209,243],"campaign":[110],"an":[112,196,212],"estimated":[113],"impact":[114],"$20M.":[116],"Traditional":[117],"defensive":[118],"measures,":[119],"like":[120],"firewalls,":[121],"intrusion":[122],"prevention":[123],"systems,":[124],"defense-in-depth,":[126],"always":[129],"effective.":[130],"threat":[132,201],"may":[133],"hasten":[134],"emergence":[136],"active":[138,242],"defenses":[139],"protect":[141],"Internet-based":[142],"revenue":[143],"streams":[144],"or":[145,160,228],"intellectual":[146],"property.":[147],"In":[148],"practice,":[149],"some":[150],"companies":[151],"either":[153],"found":[154],"legal":[155,226],"loopholes":[156,227],"that":[157,236],"provide":[158],"immunity,":[159,230],"decided":[162],"leverage":[164],"budding":[166],"relationship":[167],"between":[168],"government":[170],"private":[173],"sector":[174],"Hack":[176],"Back":[177,217],"implied":[179,229],"immunity.":[180],"Either":[181],"way,":[182],"tools":[183],"currently":[185],"being":[186],"used":[187,239],"defend":[189],"against":[190],"hacking.":[191],"This":[192],"paper":[193],"provides:":[194],"(1)":[195],"overview":[197,213],"present":[200],"posed":[202],"by":[203,245],"toolkits,":[210],"(2)":[211],"Hacking":[216],"debate":[218],"clear":[220],"examples":[221],"use":[224],"(3)":[232],"novel":[233],"offensive":[234],"campaigns":[235],"could":[237,257],"be":[238,258],"stop":[241],"attacks":[244],"exploiting":[246],"vulnerabilities":[247],"botnet's":[250],"command":[251],"control":[253],"(C&C).":[254],"Our":[255],"work":[256],"first":[260],"steps":[261],"toward":[262],"cyber-deterrence":[264],"strategy":[265],"hacking":[267],"cyber":[269],"espionage,":[270],"which":[271],"National":[274],"Security":[275],"imperative.":[276]},"counts_by_year":[{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":1},{"year":2018,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}